MiniPlasma Zero-Day Enables SYSTEM Privilege on Windows
🛡️Chaotic Eclipse has published a proof-of-concept for a Windows privilege escalation zero-day, dubbed MiniPlasma, which targets the Cloud Files Mini Filter Driver (cldflt.sys) in the HsmOsBlockPlaceholderAccess routine. Originally reported to Microsoft in September 2020 and linked to CVE-2020-17103, the researcher says the exact issue remains unpatched. Tests show it can spawn a SYSTEM shell on fully patched Windows 11 systems running May 2026 updates, though success rates vary due to a race condition.
