Windows MiniPlasma Zero-Day Grants SYSTEM Access

Windows MiniPlasma Zero-Day Grants SYSTEM Access

Researcher Chaotic Eclipse released proof-of-concept exploit code for a Windows privilege escalation zero-day dubbed MiniPlasma, affecting fully patched systems including the latest May 2026 builds. The flaw targets the Cloud Filter driver (cldflt.sys) and appears to be an unpatched remnant of CVE-2020-17103, originally reported by Google Project Zero in 2020. Independent testing confirms the exploit successfully elevates standard user accounts to SYSTEM privileges on Windows 11 Pro.

This marks the latest in a series of zero-day disclosures by the researcher, following BlueHammer, RedSun, YellowKey, and GreenPlasma exploits released since April. Previous exploits from this series have already been observed in active attacks.

️ Open sources - closed narratives

@sitreports

Source: Telegram "sitreports"