CVE-2020-1467: 
vulnerability analysis and mitigation

CVE-2020-1467 is a Windows Hard Link Elevation of Privilege Vulnerability discovered and disclosed in 2020. This vulnerability exists when Windows improperly handles hard links, affecting multiple versions of Windows including Windows 10, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and various Windows Server versions (NVD).

The vulnerability has received a CVSS v3.1 base score of 7.8 (High) from NIST with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, while Microsoft assigned it a Critical severity with a CVSS score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). The vulnerability requires local access and allows an attacker to exploit improper handling of hard links in Windows (NVD).

When successfully exploited, this vulnerability allows an attacker to overwrite targeted files leading to an elevated status and potentially take control of an affected system. The impact is particularly severe as it can lead to complete system compromise with high confidentiality, integrity, and availability impacts (NVD).

Microsoft has addressed this vulnerability by releasing a security update that corrects how Windows handles hard links. The fix is available through various KB updates for affected Windows versions (Rapid7).