Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-39929
PUBLISHED
More InfoOfficial Page
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
View Known Exploited Vulnerability (KEV) details
Published At-28 May, 2026 | 21:14
Updated At-29 May, 2026 | 19:07
Rejected At-
▼CVE Numbering Authority (CNA)
Lakeside SysTrack Agent LsiAgent.exe Out-of-Bounds Read via UDP

Lakeside SysTrack Agent versions prior to 11.2.1.28, 11.3.0.38, 11.4.0.24, 11.5.0.15 contain an out-of-bounds read vulnerability in the Command ID 30 UDP packet handler that allows remote attackers to crash the application by sending a specially crafted UDP packet. Attackers can send a malformed packet with an invalid memory address at offset 0x4 in the payload to trigger an access violation and cause a denial of service.

Affected Products
Vendor
Lakeside Software, LLC.
Product
SysTrack Agent
Default Status
affected
Versions
Affected
  • From 0 before 11.2.1.28 (custom)
  • From 11.3.0.xxx before 11.3.0.38 (custom)
  • From 11.4.0.xxx before 11.4.0.24 (custom)
  • From 11.5.0.xxx before 11.5.0.15 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-125Out-of-bounds Read
CWECWE-754Improper Check for Unusual or Exceptional Conditions
Type: CWE
CWE ID: CWE-125
Description: Out-of-bounds Read
Type: CWE
CWE ID: CWE-754
Description: Improper Check for Unusual or Exceptional Conditions
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Austin A. DeFrancesco (DefCesco)
finder
VulnCheck
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://documentation.lakesidesoftware.com/docs/112128-hotfix-agent-release-notes
release-notes
patch
https://documentation.lakesidesoftware.com/docs/1130xxx-hotfix-agent-release-notes
release-notes
patch
https://documentation.lakesidesoftware.com/docs/1140xxx-hotfix-agent-release-notes
release-notes
patch
https://documentation.lakesidesoftware.com/docs/1150xxx-hotfix-agent-release-notes
release-notes
patch
https://www.vulncheck.com/advisories/lakeside-systrack-agent-lsiagent-exe-out-of-bounds-read-via-udp
third-party-advisory
Hyperlink: https://documentation.lakesidesoftware.com/docs/112128-hotfix-agent-release-notes
Resource:
release-notes
patch
Hyperlink: https://documentation.lakesidesoftware.com/docs/1130xxx-hotfix-agent-release-notes
Resource:
release-notes
patch
Hyperlink: https://documentation.lakesidesoftware.com/docs/1140xxx-hotfix-agent-release-notes
Resource:
release-notes
patch
Hyperlink: https://documentation.lakesidesoftware.com/docs/1150xxx-hotfix-agent-release-notes
Resource:
release-notes
patch
Hyperlink: https://www.vulncheck.com/advisories/lakeside-systrack-agent-lsiagent-exe-out-of-bounds-read-via-udp
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found