CVE-2020-0801: 
vulnerability analysis and mitigation

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, identified as CVE-2020-0801. This vulnerability was disclosed in March 2020 and affects various versions of Microsoft Windows operating systems. The vulnerability is unique from similar issues CVE-2020-0807, CVE-2020-0809, and CVE-2020-0869 (NVD, MITRE).

The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability can be exploited remotely, requires low attack complexity, needs no privileges, but does require user interaction. The vulnerability is classified as CWE-787 (Out-of-bounds Write) (NVD).

If successfully exploited, this vulnerability could allow an attacker to gain the same user rights as the local user. Users with administrative privileges would be more severely impacted compared to users with restricted rights. The vulnerability could lead to complete compromise of confidentiality, integrity, and availability of the affected system (NVD).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate security updates for their specific Windows version. The updates address the vulnerability by correcting how Windows Media Foundation handles objects in memory (MITRE).