CVE-2020-0803: 
vulnerability analysis and mitigation

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, identified as CVE-2020-0803. This vulnerability was disclosed in March 2020 and affects multiple versions of Microsoft Windows operating systems. This vulnerability is unique from other similar vulnerabilities (CVE-2020-0778, CVE-2020-0802, CVE-2020-0804, CVE-2020-0845) (MITRE CVE, NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access, low attack complexity, low privileges, and no user interaction to exploit. The vulnerability can potentially lead to complete compromise of confidentiality, integrity, and availability of the affected system (NVD).

If successfully exploited, this vulnerability could allow an attacker to gain elevated privileges on the affected system. The attacker could then gain the same user rights as the local user, with users having administrative rights being more severely impacted than those with fewer user rights (NVD).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate security updates for their specific Windows version. The updates are available through the Microsoft Update Catalog and Windows Update (MSRC Advisory).