PROBABLYPWNED
Vulnerabilities | May 18, 2026 | 4 min read

MiniPlasma Zero-Day Grants SYSTEM on Patched Windows — PoC Released

Chaotic Eclipse drops working exploit for Windows Cloud Filter driver flaw allegedly patched in 2020. Race condition in cldflt.sys spawns SYSTEM shell on Windows 11.

Marcus Chen

Security researcher Chaotic Eclipse has released a working proof-of-concept exploit for a Windows privilege escalation zero-day that allegedly bypasses a patch Microsoft shipped six years ago. The vulnerability, dubbed MiniPlasma, affects the Windows Cloud Files Mini Filter Driver and grants SYSTEM-level access on fully updated Windows 11 systems.

The exploit works reliably on machines running the latest May 2026 Patch Tuesday updates, according to independent testing by security researcher Will Dormann.

A Patch That Never Was

MiniPlasma targets cldflt.sys, specifically a routine called HsmOsBlockPlaceholderAccess. The same component was the subject of a Google Project Zero report back in September 2020, when researcher James Forshaw identified the flaw and reported it to Microsoft.

Microsoft assigned CVE-2020-17103 and claimed to have addressed the issue in December 2020. But according to Chaotic Eclipse's analysis, "the exact same issue is actually still present, unpatched."

Whether Microsoft never fully patched the bug or silently rolled back the fix remains unclear. The researcher noted uncertainty about how a six-year-old "patched" vulnerability remains exploitable: "I'm unsure if Microsoft just never patched the issue or the patch was silently rolled back."

This isn't an isolated case. Microsoft patched a related vulnerability in the same driver, CVE-2025-62221, as recently as December 2025 with a CVSS score of 7.8.

How the Exploit Works

The attack exploits a race condition in how cldflt.sys handles registry key creation through an undocumented CfAbortHydration API. By winning the race, an attacker can escalate from standard user to SYSTEM privileges.

BleepingComputer tested the publicly available PoC on a fully patched Windows 11 Pro system. Using a standard user account, the exploit successfully spawned a command prompt running as SYSTEM.

Because the bug is a race condition, success rates vary with system load and timing, but the exploit is reliable enough for practical attacks. Interestingly, the exploit does not appear to work on the latest Windows 11 Insider Preview Canary builds, suggesting Microsoft may have quietly addressed the issue in pre-release code without backporting the fix.

Chaotic Eclipse's Track Record

This marks the third significant Windows zero-day disclosure from Chaotic Eclipse in 2026. The researcher previously released YellowKey and GreenPlasma, which targeted BitLocker bypass and privilege escalation. Earlier, RedSun demonstrated how Windows Defender's cloud rollback mechanism could be abused for SYSTEM access.

The pattern suggests a researcher frustrated with Microsoft's vulnerability handling process. Each disclosure has come with public PoC code on GitHub, giving defenders limited time to implement workarounds before attackers weaponize the techniques.

What Administrators Should Do

Microsoft has not yet issued an advisory or CVE for MiniPlasma. Until an official patch arrives:

  1. Monitor for exploitation - Watch for unusual activity involving cldflt.sys or Cloud Files functionality
  2. Limit local access - The exploit requires local user access, making phishing and initial access vectors the primary concern
  3. Test Canary builds - Organizations in the Windows Insider program should verify whether pre-release builds mitigate the issue
  4. Review EDR alerts - Privilege escalation to SYSTEM from standard user accounts should trigger investigation
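One way to turn item 4 into a concrete check, as an added example that is not from the article or from any vendor tooling: a small Python scanner over Windows Security event 4688 (process creation) records exported as JSON lines. The sample records are constructed, and the heuristic (a process whose token is SYSTEM, created by an account other than the built-in service SIDs) is an assumption about how this kind of escalation surfaces in the audit log; it will also fire on legitimate tools that launch SYSTEM processes, so hits are investigation leads, not verdicts.

```python
import json

# Well-known SIDs that legitimately create SYSTEM processes all the time:
# SYSTEM, LOCAL SERVICE, NETWORK SERVICE. Anything else creating a process
# that runs as SYSTEM is worth a look.
SERVICE_SIDS = {"S-1-5-18", "S-1-5-19", "S-1-5-20"}
SYSTEM_SID = "S-1-5-18"
# An interactive shell running as SYSTEM is the classic PoC outcome.
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}

# Constructed sample export: one 4688 record per line, field names as in the
# event's XML data (values are made up). Raw string so JSON escapes survive.
SAMPLE_EVENTS = r"""
{"EventID": 4688, "SubjectUserSid": "S-1-5-21-1111-2222-3333-1001", "SubjectUserName": "alice", "TargetUserSid": "-", "TargetUserName": "-", "NewProcessName": "C:\\Windows\\System32\\notepad.exe", "ParentProcessName": "C:\\Windows\\explorer.exe"}
{"EventID": 4688, "SubjectUserSid": "S-1-5-18", "SubjectUserName": "WORKSTATION$", "TargetUserSid": "S-1-5-18", "TargetUserName": "SYSTEM", "NewProcessName": "C:\\Windows\\System32\\svchost.exe", "ParentProcessName": "C:\\Windows\\System32\\services.exe"}
{"EventID": 4688, "SubjectUserSid": "S-1-5-21-1111-2222-3333-1001", "SubjectUserName": "alice", "TargetUserSid": "S-1-5-18", "TargetUserName": "SYSTEM", "NewProcessName": "C:\\Windows\\System32\\cmd.exe", "ParentProcessName": "C:\\Users\\alice\\Desktop\\unknown.exe"}
{"EventID": 4624, "SubjectUserSid": "S-1-5-21-1111-2222-3333-1001", "SubjectUserName": "alice", "TargetUserSid": "-", "TargetUserName": "-"}
"""


def is_suspicious_escalation(event):
    """Return a reason string if this 4688 record shows a non-service account
    creating a process that runs as SYSTEM, otherwise None."""
    if event.get("EventID") != 4688:
        return None
    creator_sid = event.get("SubjectUserSid", "")
    target_sid = event.get("TargetUserSid", "-")  # "-" when token is unchanged
    if target_sid != SYSTEM_SID or creator_sid in SERVICE_SIDS:
        return None
    image = event.get("NewProcessName", "").rsplit("\\", 1)[-1].lower()
    severity = "high" if image in SHELLS else "medium"
    return f"{severity}: {event.get('SubjectUserName')} created SYSTEM process {image}"


def scan(jsonl):
    """Scan a JSON-lines export and return the list of findings."""
    findings = []
    for line in jsonl.strip().splitlines():
        reason = is_suspicious_escalation(json.loads(line))
        if reason:
            findings.append(reason)
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```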

Why This Matters

MiniPlasma joins a growing list of Windows vulnerabilities where patches either fail to fully address the underlying issue or get inadvertently regressed. The BlueHammer, RedSun, and UnDefend Defender zero-days earlier this year demonstrated similar problems with Microsoft's patch completeness.

For organizations running hybrid cloud environments, the cldflt.sys driver handles cloud file synchronization and placeholder files—functionality deeply integrated into Windows. A privilege escalation in this component could have particular impact on systems using OneDrive, Azure Files, or third-party cloud storage providers that leverage the Windows Cloud Filter API.

The exploit code is public. Expect integration into post-exploitation frameworks within days.
