← Back to CVE List

CVE-2019-17202

Published: 2020-01-23T15:15Z
Last Modified: 2024-11-21T04:31Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a challenge-response manner upon attempting to elevate privileges. The challenge's response uses a simple algorithm that can be easily emulated via data (customer ID and device name) available to all users, and thus any user can elevate to Administrator privilege. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt