CVE-2020-1002: 
Microsoft System Center Endpoint Protection vulnerability analysis and mitigation

An elevation of privilege vulnerability exists in Microsoft Defender's MpSigStub.exe component that allows file deletion in arbitrary locations. The vulnerability was assigned CVE-2020-1002 and was disclosed in April 2020. This vulnerability affects various Microsoft security products including Windows Defender, Microsoft Security Essentials, and System Center Endpoint Protection (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H. The CVSS score indicates that the vulnerability requires local access, low attack complexity, and low privileges to exploit, with no user interaction needed. The impact primarily affects integrity and availability, with no direct impact on confidentiality (NVD).

If successfully exploited, this vulnerability could allow an authenticated attacker to delete files in arbitrary locations on the target system, potentially leading to elevation of privilege. The attacker would first need to log into the system to execute the exploit (NVD).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate security updates through Windows Update or Microsoft Update to protect their systems (Microsoft Advisory).