CVE-2020-0957: 
vulnerability analysis and mitigation

CVE-2020-0957 is an elevation of privilege vulnerability that exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. The vulnerability was discovered and reported to Microsoft in November 2019, and was publicly disclosed in April 2020. This vulnerability affects multiple Windows operating systems including Windows 7 SP1, Windows Server 2008 SP2, and Windows Server 2008 R2 SP1 (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Under CVSS v2.0, it received a base score of 7.2 (HIGH) with the vector (AV:L/AC:L/Au:N/C:C/I:C/A:C). The vulnerability requires local access and low privileges to exploit, with no user interaction needed (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in kernel mode, potentially gaining elevated privileges on the affected system. This level of access would enable an attacker to install programs, view, change, or delete data, and create new accounts with full user rights (Talos).

Microsoft has released security patches to address this vulnerability as part of their April 2020 Patch Tuesday updates. Users and system administrators are strongly advised to apply the available security updates to affected systems (MSRC).