VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

MiniPlasma: 0-day in cldflt.sys enables SYSTEM escalation on patched Windows

MiniPlasma: 0‑day в cldflt.sys даёт эскалацию до SYSTEM на патченных Windows

Colleagues — a PoC for the MiniPlasma 0-day has emerged, enabling SYSTEM escalation on fully patched Windows. The flaw lies in cldflt.sys (HsmOsBlockPlaceholderAccess). Initially reported by James Forshaw (Google Project Zero) in 2020 and tracked as CVE-2020-17103, it was believed fixed, but the PoC demonstrates the bug persists. Technically, a race condition: the PoC spawns a SYSTEM shell; Will Dormann reports it works on Windows 11 with May 2026 updates. Likely affects multiple Windows versions. Impact: local LPE on patched machines raises risk of full compromise. Recommended: track Microsoft patches, restrict privileges, and tighten monitoring/EDR. How will you respond? #cybersecurity #Windows #vulnerabilities #infosec

Latest comments

No comments yet.