High severity7.8NVD Advisory· Published Jan 23, 2020· Updated Jun 17, 2026
CVE-2019-17202
CVE-2019-17202
Description
FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a challenge-response manner upon attempting to elevate privileges. The challenge's response uses a simple algorithm that can be easily emulated via data (customer ID and device name) available to all users, and thus any user can elevate to Administrator privilege.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- FastTrack/Admin By Requestdescription
- Range: <6.1.0.0
Patches
Vulnerability mechanics
References
2- improsec.com/en/responsible-disclosurenvdThird Party Advisory
- www.adminbyrequest.com/en/releasenotesnvd
News mentions
0No linked articles in our index yet.