MiniPlasma Windows Zero-Day Grants SYSTEM Privileges on Fully Patched Systems

Researcher “Chaotic Eclipse” has released a public proof-of-concept exploit for MiniPlasma, a Windows privilege escalation zero-day that grants SYSTEM privileges on fully patched systems. The vulnerability targets cldflt.sys (Windows Cloud Files Mini Filter Driver) and is the third Windows flaw disclosed by this researcher after YellowKey and GreenPlasma.

No Microsoft patch is currently available. The public PoC substantially lowers the exploitation bar. Defenders should monitor for suspicious activity involving cldflt.sys, flag anomalous privilege escalation attempts, and apply any forthcoming Microsoft patch as a priority.