Jacob Paullus

**Name of the Vulnerable Software and Affected Versions** Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows **Description** The issue is a local privilege escalation vulnerability that allows attackers to gain SYSTEM level access. This flaw is present in the SysTrack LsiAgent Installer for Windows, which can be exploited by low-privilege users to execute arbitrary code. The vulnerability was discovered and reported by Mandiant, and it is related to flaws in the MSI repair process. **Recommendations** For Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows, update to version 11.0 to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the vulnerable installer until a patch is applied. Ensure your systems are updated to the latest version to minimize the risk of exploitation.