CVE-2021-1013: 
NixOS vulnerability analysis and mitigation

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates, identified as CVE-2020-1013. The vulnerability was disclosed and patched in September 2020, affecting various versions of Microsoft Windows including Windows 10 and Windows 7 SP1 (Microsoft Advisory).

The vulnerability allows attackers to potentially escalate permissions through group policy updates processing. It received a CVSS v3.1 base score of 8.1 (HIGH) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H according to NIST's assessment, while Microsoft rated it with a score of 7.5 (HIGH) with vector string CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD).

A successful exploitation of this vulnerability could allow an attacker to escalate permissions or perform additional privileged actions on the target machine. The attacker could potentially gain administrator rights for a standard user through manipulated group policy (NVD).

Microsoft has released a security update that addresses the vulnerability by enforcing Kerberos authentication for certain calls over LDAP. Users are advised to apply the available patches through Windows Update (Microsoft Advisory).