CVE-2020-1013: 
vulnerability analysis and mitigation

CVE-2020-1013 is an elevation of privilege vulnerability in Microsoft Windows that was disclosed on September 11, 2020. The vulnerability exists when Microsoft Windows processes group policy updates. This security flaw affects multiple versions of Windows including Windows 10, Windows Server 2016, and Windows Server 2019 (NVD).

The vulnerability has a CVSS v3.1 Base Score of 8.1 (HIGH) with vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H as assessed by NIST. Microsoft's own assessment gives it a slightly lower score of 7.5 (HIGH) with vector string CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability requires an attacker to launch a man-in-the-middle (MiTM) attack against traffic passing between a domain controller and the target machine (NVD).

If successfully exploited, this vulnerability could allow an attacker to escalate permissions or perform additional privileged actions on the target machine. The attacker could create a group policy to grant administrator rights to a standard user (NVD).

Microsoft addressed this vulnerability by enforcing Kerberos authentication for certain calls over LDAP. The fix was released through security updates for affected Windows versions (NVD).