CVE-2025-6241 | THREATINT

Description

LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary code. This malicious DLL is executed in the context of NT AUTHORITY\SYSTEM upon service start or restart, due to the Windows default dynamic-link library search order, resulting in local elevation of privileges.

PUBLISHED Reserved 2025-06-18 | Published 2025-07-27 | Updated 2025-11-03 | Assigner certcc

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

10.05.0027 (custom) before 10.10.0.42

affected

References

www.kb.cert.org/vuls/id/335798

documentation.lakesidesoftware.com/...otes%7CAgent%7C_____13

cve.org (CVE-2025-6241)

nvd.nist.gov (CVE-2025-6241)

Download JSON