CVE-2020-0737: 
vulnerability analysis and mitigation

An elevation of privilege vulnerability identified as CVE-2020-0737 was discovered in Microsoft Windows systems. The vulnerability exists in the way that the tapisrv.dll handles objects in memory. This security issue was initially recorded on November 4, 2019, and was publicly disclosed on February 11, 2020. The vulnerability affects multiple versions of Microsoft Windows including Windows 10 (all versions up to 1909), Windows 7 SP1, and Windows 8.1 (NVD Database, CVE MITRE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Under CVSS v2.0, it received a base score of 4.6 (MEDIUM) with the vector (AV:L/AC:L/Au:N/C:P/I:P/A:P). The vulnerability specifically relates to how the tapisrv.dll component handles objects in memory, which could potentially lead to privilege elevation (NVD Database).

If successfully exploited, this vulnerability could allow an attacker to gain elevated privileges on affected systems. The high CVSS v3.1 score of 7.8 indicates significant potential impact on the confidentiality, integrity, and availability of the system (NVD Database).

Microsoft has released security updates to address this vulnerability. Users of affected systems should apply the appropriate patches through Microsoft's security update channel (Microsoft Advisory).