CVE-2020-0863: 
vulnerability analysis and mitigation

CVE-2020-0863 is an information disclosure vulnerability that exists in the Windows Connected User Experiences and Telemetry Service. The vulnerability was disclosed on March 12, 2020, affecting Windows 10 versions 1903 and 1909, along with Windows Server 2016 versions 1903 and 1909 (NVD).

The vulnerability occurs when the Diagnostic Tracking service in Windows reads configuration files from a user-controlled directory and copies them to a directory readable by everyone. While the write location cannot be changed, an attacker can manipulate the source file using oplocks and file junctions, causing the service to copy a file from a privileged area to a location readable by everyone. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (AttackerKB).

When successfully exploited, this vulnerability allows an attacker to access sensitive file information that they would not normally have permission to read. The impact is limited to confidentiality, with no direct effect on system integrity or availability (NVD).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate patches through Windows Update. The vulnerability was addressed by correcting how the Windows Connected User Experiences and Telemetry Service handles file information (NVD).