CVE-2025-6241

Name of the Vulnerable Software and Affected Versions Lakeside SysTrack versions (affected versions not specified)

Description LsiAgent.exe, a component of SysTrack, attempts to load DLL files that are not part of the default installation. If a user-writable directory is included in the SYSTEM PATH environment variable, a user can place a malicious DLL in that directory. This DLL is then executed with NT AUTHORITYSYSTEM privileges when the service starts or restarts, leading to local privilege escalation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.