Vulnerability Description
Lakeside SysTrack Agent 11 before 11.5.0.15 has a race condition with resultant local privilege escalation to SYSTEM. The fixed versions are 11.2.1.28, 11.3.0.38, 11.4.0.24, and 11.5.0.15.
CVSS Score
7.4
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Related Weaknesses (CWE)
References
- https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11.2
- https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11_3
- https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11_4
- https://documentation.lakesidesoftware.com/en/Content/Release%20Notes/Agent/11_5
FAQ
What is CVE-2026-35099?
CVE-2026-35099 is a vulnerability with a CVSS score of 7.4 (HIGH). Lakeside SysTrack Agent 11 before 11.5.0.15 has a race condition with resultant local privilege escalation to SYSTEM. The fixed versions are 11.2.1.28, 11.3.0.38, 11.4.0.24, and 11.5.0.15.
How severe is CVE-2026-35099?
CVE-2026-35099 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-35099?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.