CVE-2020-0735: 
vulnerability analysis and mitigation

An elevation of privilege vulnerability was identified in the Windows Search Indexer, specifically in how it handles objects in memory. This vulnerability, tracked as CVE-2020-0735, is distinct from related vulnerabilities CVE-2020-0666, CVE-2020-0667, and CVE-2020-0752. The vulnerability was initially recorded on November 4, 2019, and was publicly disclosed on February 11, 2020. The affected systems include multiple versions of Microsoft Windows, including Windows 10 (versions 1607, 1709, 1803, 1809, 1903, 1909), Windows 7 SP1, and Windows 8.1 (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Under CVSS v2.0, it received a base score of 4.6 (MEDIUM) with the vector string (AV:L/AC:L/Au:N/C:P/I:P/A:P). These scores indicate that the vulnerability requires local access but has high potential impact on confidentiality, integrity, and availability (NVD).

The vulnerability could allow an attacker to gain elevated privileges on affected systems through the exploitation of the Windows Search Indexer's memory handling mechanism. A successful exploit could result in an attacker gaining higher privileges on the targeted system, potentially leading to full system compromise (NVD).

Microsoft has released security updates to address this vulnerability. Users of affected systems should apply the appropriate patches through Windows Update or Microsoft's security guidance (Microsoft Advisory).