MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

Summary

A new Windows zero-day vulnerability, dubbed MiniPlasma, has been disclosed by researcher Chaotic Eclipse. This flaw allows attackers to achieve SYSTEM privilege escalation on fully patched Windows systems by exploiting the Cloud Files Mini Filter Driver (cldflt.sys). A proof-of-concept (PoC) has been released, increasing the immediate risk to affected systems.

IFF Assessment

FOE

This vulnerability allows attackers to gain SYSTEM privileges, a critical compromise and bad news for defenders.

Severity

9.8 Critical (AI Estimated)

This is an estimated CVSS score. The vulnerability allows for SYSTEM privilege escalation, which is critical. The attack vector is likely local (AV:L) but could potentially be leveraged remotely in some contexts. The exploitability is high due to the PoC release, and the impact on confidentiality, integrity, and availability is severe.

Defender Context

Defenders should be aware of the MiniPlasma zero-day, which grants attackers SYSTEM privileges on Windows systems. The public release of a PoC means exploitation is imminent. Organizations need to monitor for potential exploitation attempts and prioritize patching or mitigating this flaw once vendor updates are available.
