MiniPlasma, a powerful LPE

1 min read Original article ↗

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

This one is accidental, I didn't even think cldflt.sys had that vulnerability. Turns out CVE-2020-17103 patch is just not present at all ?

The new PoC was tested against fully patched Windows 11 and Windows Server 2025 and managed to flawlessly spawn a SYSTEM shell.

https://github.com/Nightmare-Eclipse/MiniPlasma

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRJTvAf/AWVhAKEeb7FFoRCS0/SbAUCaggLWQAKCRDFFoRCS0/S

bHKSAP4/bkKYCDTKZvq5WoUsWKuYgWBvlfun8KYJtNgYREezVAEAj8cg30Pjcjcu

REzr4eniahPoc6bleEEos0PwVOUa5AA=

=oct9

-----END PGP SIGNATURE-----