{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6241", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2025-06-18T15:18:17.582Z", "datePublished": "2025-07-27T00:46:41.118Z", "dateUpdated": "2025-11-03T20:06:53.132Z"}, "containers": {"cna": {"title": "CVE-2025-6241", "descriptions": [{"lang": "en", "value": "LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary code. This malicious DLL is executed in the context of NT AUTHORITY\\SYSTEM upon service start or restart, due to the Windows default dynamic-link library search order, resulting in local elevation of privileges."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Lakeside Software", "product": "SysTrack", "versions": [{"status": "affected", "version": "10.05.0027", "lessThan": "10.10.0.42", "versionType": "custom"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-427 Uncontrolled Search Path Element"}]}], "references": [{"url": "https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/10_10_0%20Hotfix%20Agent%20Release%20Notes%20On%20Premises.htm?tocpath=Release%20Notes%7CAgent%7C_____13"}], "x_generator": {"engine": "VINCE 3.0.21", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2025-6241"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2025-07-29T12:12:06.276Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-07-30T18:20:44.276812Z", "id": "CVE-2025-6241", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-30T18:20:50.800Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://www.kb.cert.org/vuls/id/335798"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:06:53.132Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.kb.cert.org/vuls/id/335798"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:06:53.132Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-6241", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-30T18:20:44.276812Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-30T18:20:37.235Z"}}], "cna": {"title": "CVE-2025-6241", "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Lakeside Software", "product": "SysTrack", "versions": [{"status": "affected", "version": "10.05.0027", "lessThan": "10.10.0.42", "versionType": "custom"}]}], "references": [{"url": "https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/10_10_0%20Hotfix%20Agent%20Release%20Notes%20On%20Premises.htm?tocpath=Release%20Notes%7CAgent%7C_____13"}], "x_generator": {"env": "prod", "engine": "VINCE 3.0.21", "origin": "https://cveawg.mitre.org/api/cve/CVE-2025-6241"}, "descriptions": [{"lang": "en", "value": "LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary code. This malicious DLL is executed in the context of NT AUTHORITY\\SYSTEM upon service start or restart, due to the Windows default dynamic-link library search order, resulting in local elevation of privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-427 Uncontrolled Search Path Element"}]}], "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2025-07-29T12:12:06.276Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6241", "state": "PUBLISHED", "dateUpdated": "2025-11-03T20:06:53.132Z", "dateReserved": "2025-06-18T15:18:17.582Z", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "datePublished": "2025-07-27T00:46:41.118Z", "assignerShortName": "certcc"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary code. This malicious DLL is executed in the context of NT AUTHORITY\\SYSTEM upon service start or restart, due to the Windows default dynamic-link library search order, resulting in local elevation of privileges."}, {"lang": "es", "value": "LsiAgent.exe, un componente de SysTrack de Lakeside Software, intenta cargar varios archivos DLL que no est\u00e1n presentes en la instalaci\u00f3n predeterminada. Si existe un directorio con permisos de escritura en la variable de entorno SYSTEM PATH, el usuario puede escribir en \u00e9l una DLL maliciosa con c\u00f3digo arbitrario. Esta DLL maliciosa se ejecuta en el contexto de NT AUTHORITY\\SYSTEM al iniciar o reiniciar el servicio, debido al orden de b\u00fasqueda predeterminado de la librer\u00eda de v\u00ednculos din\u00e1micos de Windows, lo que resulta en una elevaci\u00f3n local de privilegios."}], "id": "CVE-2025-6241", "lastModified": "2025-11-03T20:19:18.537", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-07-27T01:15:29.690", "references": [{"source": "cret@cert.org", "url": "https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/10_10_0%20Hotfix%20Agent%20Release%20Notes%20On%20Premises.htm?tocpath=Release%20Notes%7CAgent%7C_____13"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.kb.cert.org/vuls/id/335798"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Awaiting Analysis"}

{}

{"created": "2025-07-29T10:01:07.341480+00:00", "updated": "2025-07-29T10:01:07.341567+00:00", "vendors": ["lakeside_software", "lakeside_software$PRODUCT$systrack"]}