- Description
- Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.
- Source
- mandiant-cve@google.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- mandiant-cve@google.com
- CWE-379
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
CVE-2023-6080: サードパーティ製インストーラの悪用に関するケーススタディ #GoogleCloud https://t.co/8xvHIQ38La
@kaz_goto
20 Feb 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Securing third-party Windows installers can be challenging. Our latest blog post covers CVE-2023-6080, a local privilege escalation vulnerability found in Lakeside Software's SysTrack Agent 10.7.8. See how it was discovered and eventually patched: https://t.co/ONPC6yhZCG https:
@Mandiant
5 Feb 2025
2784 Impressions
7 Retweets
16 Likes
4 Bookmarks
1 Reply
0 Quotes
Mandiant has uncovered CVE-2023-6080, a local privilege escalation in SysTrack that allows low-privilege users to execute arbitrary code. Fixed in version 11.0. 🚨 #SysTrack #Windows #USA link: https://t.co/b4VW1RBBW9 https://t.co/6ITkE2xQan
@TweetThreatNews
4 Feb 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mandiant reported on CVE-2023-6080, a local privilege escalation vulnerability in Lakeside Software's SysTrack installer, which was exploited due to flaws in the MSI repair process, now fixed in version 11.0. #CVE20236080 #CyberSecurity https://t.co/US4fC2XC4v
@Cyber_O51NT
4 Feb 2025
2911 Impressions
15 Retweets
45 Likes
10 Bookmarks
0 Replies
0 Quotes
CVE-2023-6080: A Case Study on Third-Party Installer Abuse @googlecloud https://t.co/rI37phFwlu
@r0ns3n
3 Feb 2025
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Our blog on CVE-2023-6080 is here 💥 check it out! We detail the discovery and exploitation process, going from low privilege to SYSTEM 😎 https://t.co/cD8HiaARaC
@psycep_
3 Feb 2025
269 Impressions
9 Retweets
11 Likes
3 Bookmarks
1 Reply
0 Quotes
CVE-2023-6080 Local Privilege Escalation in SysTrack LsiAgent Installer for Windows Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows has a local privilege escalation issue. This flaw let... https://t.co/Y84EUDItpS
@VulmonFeeds
48 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2023-6080 Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level acces… https://t.co/CWnNRAYmQ4
@CVEnew
517 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Excited to finally share some details of my favorite CVE, discovered with @psycep_ (definitely give him a follow)! This one’s a fun local privilege escalation vulnerability in Lakeside Software’s SysTrack LsiAgent Installer – CVE-2023-6080 🤜🤛 https://t.co/MK4MyBRHjr
@AndrewOliveau
3991 Impressions
12 Retweets
67 Likes
21 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lakesidesoftware:systrack_lsiagent:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "A277FDEC-1405-4ED3-8D9B-4EB5EDAF5BED",
"versionEndExcluding": "11.0",
"versionStartIncluding": "10.7.8"
}
],
"operator": "OR"
}
]
}
]