CVE-2020-0787: 
vulnerability analysis and mitigation

CVE-2020-0787 is a Windows Background Intelligent Transfer Service (BITS) elevation of privilege vulnerability discovered in 2019 and publicly disclosed in March 2020. The vulnerability exists when BITS improperly handles symbolic links, allowing attackers to potentially gain elevated privileges on affected Windows systems (NVD).

The vulnerability has a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. It is classified under CWE-59 (Improper Link Resolution Before File Access) and requires local access with user interaction to exploit. The vulnerability affects multiple versions of Microsoft Windows, including Windows 10, Windows 8.1, Windows 7 SP1, and various Windows Server versions (NVD).

If successfully exploited, this vulnerability allows an attacker to gain elevated system privileges through the manipulation of symbolic links in the Windows Background Intelligent Transfer Service. This could lead to complete system compromise with the ability to execute arbitrary code with elevated privileges, access sensitive information, and make system-wide changes (Rapid7).

Microsoft has released security updates to address this vulnerability. Users are advised to apply the appropriate patches for their Windows version. The updates are available through Microsoft's standard update channels and should be applied as soon as possible (MSRC).