CVE-2020-0662: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2020-0662) was discovered in Windows, specifically affecting how Windows handles objects in memory. The vulnerability was disclosed on February 11, 2020, and affects multiple versions of Windows operating systems including Windows 10, Windows Server 2019, and Windows 7 (NVD).

The vulnerability is a stack-based buffer overflow occurring in svchost.exe due to an unchecked size argument to a memcpy call in ipnathlp.dll!DhcpAddArpEntry. The size argument is restricted to 0-255 inclusive as it must fit in a uint8_t variable. The vulnerability is triggered when the hardware address length field from a DHCP/BootP message is sufficiently large and the DHCP option 53 (DHCP Message Type) is omitted. The vulnerability received a CVSS v3.1 base score of 8.8 (HIGH) with vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (AttackerKB).

If successfully exploited, this vulnerability could allow an attacker to execute remote code on the target system. The vulnerability has high impact ratings for confidentiality, integrity, and availability, indicating potential complete compromise of the affected system (NVD).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate patches based on their Windows version, including KB4532691 for Windows 10 version 1809, KB4532693 for versions 1903 and 1909, and various other KB updates for different Windows versions (Rapid7).