CVE-2020-0754: 
vulnerability analysis and mitigation

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, identified as CVE-2020-0754. This vulnerability was disclosed on February 11, 2020, affecting multiple versions of Windows operating systems including Windows 10, Windows 7, Windows 8.1, and various Windows Server versions (NVD, MITRE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High), with an impact score of 5.9 and exploitability score of 1.8. The attack vector is Local (AV:L), requiring low attack complexity (AC:L) and low privileges (PR:L), with no user interaction (UI:N). The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is all rated as High (AttackerKB).

If successfully exploited, this vulnerability could allow an attacker to gain elevated privileges on the affected system. The vulnerability specifically enables arbitrary file deletion as the SYSTEM user if an attacker can create a symbolic link for a temporary file at the right time (AttackerKB).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate patches for their specific Windows version to mitigate the risk (MITRE).