CVE-2020-0665: 
vulnerability analysis and mitigation

CVE-2020-0665 is an elevation of privilege vulnerability that exists in Active Directory Forest trusts. The vulnerability stems from a default setting that allows an attacker in the trusting forest to request delegation of a TGT (Ticket Granting Ticket) for an identity from the trusted forest. This vulnerability was disclosed on February 11, 2020, affecting multiple versions of Windows Server and Windows operating systems (NVD, MITRE).

The vulnerability has been assigned a CVSS v3.1 Base Score of 8.1 (High), with an Impact Score of 5.9 and Exploitability Score of 2.2. The attack vector is Network-based (AV:N) with High attack complexity (AC:H), requiring no privileges (PR:N) and no user interaction (UI:N). The scope is unchanged (S:U), with High impact on Confidentiality, Integrity, and Availability (AttackerKB).

The vulnerability enables attackers to potentially break the security boundaries that an Active Directory forest claims to maintain. This could lead to a complete compromise of resources in any forest with a two-way interforest trust, significantly impacting the security of the Active Directory infrastructure (AttackerKB).

Microsoft has released security updates to address this vulnerability across multiple affected versions of Windows Server and Windows operating systems, including Windows 10, Windows Server 2019, Windows Server 2016, and earlier versions (NVD).

Security researchers have noted that despite Microsoft rating this vulnerability as 'Important', the potential impact could be more critical, particularly if the level of compromise is similar to previous Active Directory forest security boundary attacks (AttackerKB).