CVE-2026-35099_CVE-2026-35099

7.4 / 10

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Lakeside SysTrack Agent 11 before 11.5.0.15 has a race condition with resultant local privilege escalation to SYSTEM. The fixed versions are 11.2.1.28, 11.3.0.38, 11.4.0.24, and 11.5.0.15.

Basic Information

ID CVE-2026-35099

Source mitre

Published Apr 1, 2026 at 15:39

Modified Apr 1, 2026 at 20:11

Affected Product

Vendor Lakeside Software

Product SysTrack Agent

Version 11

Affected Versions Lakeside Software SysTrack Agent 11
Lakeside Software SysTrack Agent 11.3
Lakeside Software SysTrack Agent 11.4
Lakeside Software SysTrack Agent 11.5

CWE Classification

CWE-362

References

{
    "lastseen": "",
    "description": "Lakeside SysTrack Agent 11 before 11.5.0.15 has a race condition with resultant local privilege escalation to SYSTEM. The fixed versions are 11.2.1.28, 11.3.0.38, 11.4.0.24, and 11.5.0.15.",
    "published": "2026-04-01T15:39:51.438Z",
    "modified": "2026-04-01T20:11:43.803Z",
    "type": "cve",
    "title": "CVE-2026-35099",
    "source": "mitre",
    "references": "https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11.2.1.28%20Hotfix%20Agent%20Release%20Notes.htm?tocpath=Release%20Notes%7CAgent%7C_____8\nhttps://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11_3_xxx%20Hotfix%20Agent%20Release%20Notes.htm?tocpath=Release%20Notes%7CAgent%7C_____6\nhttps://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11_4_xxx%20Hotfix%20Agent%20Release%20Notes.htm?tocpath=Release%20Notes%7CAgent%7C_____4\nhttps://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11_5_xxx%20Hotfix%20Agent%20Release%20Notes.htm?tocpath=Release%20Notes%7CAgent%7C_____2",
    "id": "CVE-2026-35099",
    "bulletinFamily": "",
    "cwe": [
        "CWE-362"
    ],
    "cvelist": null,
    "sourceData": "Lakeside Software SysTrack Agent 11\nLakeside Software SysTrack Agent 11.3\nLakeside Software SysTrack Agent 11.4\nLakeside Software SysTrack Agent 11.5",
    "sourceHref": "",
    "cvss": {
        "score": 7.4,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SysTrack Agent",
    "version": "11",
    "vendor": "Lakeside Software",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}