Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched Windows systems.
Codenamed MiniPlasma, the vulnerability impacts "cldflt.sys," which refers to the Windows Cloud Files Mini Filter Driver, and resides in a routine named "HsmOsBlockPlaceholderAccess." It was originally reported to Microsoft by Google Project Zero researcher James Forshaw in September 2020.
Although it was assumed that the shortcoming was fixed by Microsoft in December 2020 as part of CVE-2020-17103, Chaotic Eclipse said further investigation has uncovered that the "exact same issue [...] is actually still present, unpatched."
Further information can be found at:
https://thehackernews.com/2026/05/minip ... ystem.html
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
-
Starburst-David
- Posts: 53
- Joined: Wed Feb 11, 2026 8:31 pm