MiniPlasma Zero-Day Vulnerability Allows Privilege Escalation on Windows Systems

Security researcher Chaotic Eclipse disclosed a Windows privilege escalation zero-day vulnerability, codenamed MiniPlasma, which allows attackers to gain SYSTEM privileges on fully patched Windows systems. The flaw affects the cldflt.sys component, known as the Windows Cloud Files Mini Filter Driver. A proof-of-concept (PoC) exploit was released alongside the disclosure, though no CVE ID or patch date was specified. The vulnerability was revealed following the researcher’s prior disclosures of Windows flaws, YellowKey and GreenPlasma. No specific Windows versions or affected systems were detailed beyond the driver’s involvement. The impact enables unauthorized privilege escalation without additional context on exploitation requirements.