CVE-2020-0721: 
vulnerability analysis and mitigation

An elevation of privilege vulnerability (CVE-2020-0721) exists in Windows when the Win32k component fails to properly handle objects in memory. This vulnerability was discovered and reported to Microsoft in November 2019, and affects multiple versions of Windows operating systems. The vulnerability is distinct from several other Win32k-related vulnerabilities (CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731) (CVE Details).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access, low attack complexity, low privileges, and no user interaction to exploit. The vulnerability affects confidentiality, integrity, and availability, all with high impact (NVD).

If successfully exploited, this vulnerability could allow an attacker to gain elevated privileges on affected Windows systems. The high CVSS scores for confidentiality, integrity, and availability (all rated as HIGH) indicate that successful exploitation could result in complete compromise of system security (NVD).

Microsoft has released security updates to address this vulnerability. The fix is available through Microsoft's standard update channels for affected Windows versions, including Windows 10, Windows 8.1, Windows 7 SP1, and various Windows Server versions (Microsoft Advisory).