CVE-2020-0660: 
vulnerability analysis and mitigation

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, known as 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. This vulnerability was assigned CVE-2020-0660 and was first recorded on November 4, 2019, with public disclosure in February 2020 (CVE Details).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating that it can be exploited over the network with low attack complexity and requires no privileges or user interaction. The CVSS v2.0 base score is 5.0 (MEDIUM) with vector (AV:N/AC:L/Au:N/C:N/I:N/A:P) (NVD).

The successful exploitation of this vulnerability can result in denial of service conditions, potentially affecting the availability of the targeted system's RDP services. The vulnerability specifically impacts the system's ability to handle RDP connections when specially crafted requests are received (NVD).

Microsoft has released security updates to address this vulnerability. The fixes are available through various KB updates for affected systems including Windows 10 (multiple versions), Windows 8.1, Windows RT 8.1, and Windows Server versions 2012, 2016, and 2019 (Rapid7).