MiniPlasma

CVE-2020-17103 was a local privilege escalation in the Windows Cloud Files Mini Filter driver (cldflt.sys), reported to Microsoft by James Forshaw of Google Project Zero in 2020 and listed by Microsoft as fixed. A recent project called MiniPlasma re-examines the affected driver routine and finds the same vulnerability still exploitable, apparently including on fully updated systems. The author cannot say whether the original fix was ever effective or was later reverted; either way, the flaw is reachable today.

The Windows local privilege escalation landscape is crowded. Tools like JuicyPotato, RogueWinRM, and assorted token-stealing PoCs have long been the go-to for researchers and red teams, particularly on older Windows versions. Most are user-mode techniques that depend on a specific service configuration and on the calling account already holding an impersonation privilege such as SeImpersonatePrivilege. Kernel-mode exploits are rarer because they require deep driver internals knowledge and are often tied to specific builds. MiniPlasma stands apart by targeting a driver that ships with every modern Windows installation (the Cloud Filter driver) and by resurrecting a vulnerability that was supposedly already fixed.

What MiniPlasma does differently

MiniPlasma revisits the SetPolicyVal technique first demonstrated in an earlier PoC called GreenPlasma. The author investigated whether cldflt!HsmOsBlockPlaceholderAccess was still vulnerable after the CVE-2020-17103 patch. The result is sobering: the routine is still exploitable with no modifications to the original exploit logic. The author states it directly: "the exact same issue that was reported to Microsoft by Google project zero is actually still present, unpatched."

This sets MiniPlasma apart from other LPE tools in two ways. First, it is a direct test of patch efficacy, not just a new vulnerability. Second, it weaponizes the original Google PoC to spawn a SYSTEM shell, transforming a proof-of-concept into a functional escalation primitive. The project is written in C# and targets the Cloud Filter driver, which handles Windows 10 and 11's "cloud files" feature (OneDrive integration, file placeholders, etc.). That driver is present on virtually every consumer and enterprise Windows installation, giving MiniPlasma broad potential reach.

The author acknowledges uncertainty about whether Microsoft ever truly patched the hole or whether the fix was later reversed. Either outcome is disturbing from a security standpoint. The original Project Zero issue tracker entry (chromium issue 42451192) describes the vulnerability in detail, and MiniPlasma confirms that the same access control checks in HsmOsBlockPlaceholderAccess remain missing or bypassable.

The trade-offs

MiniPlasma is not a polished tool for day-to-day use. It is a proof-of-concept, and the author is transparent about its reliability: "success rate may vary since it's a race condition." Race-condition exploits depend on timing windows that are inherently unreliable across different hardware and system load conditions. One machine may succeed every time; another may never work.

On the positive side, the exploit does not require any special configuration or disabled security features (like Defender or ASLR) to function. It targets a kernel driver rather than a user-mode service, so it does not depend on the service-account privileges (such as SeImpersonatePrivilege) that the Potato-style tools need. The author reports it working on their own machines, and the claim that "all Windows versions are affected" points to a deep-seated issue in the driver's access control logic rather than a version-specific quirk.

The main downside is the lack of a detailed breakdown of the vulnerability itself. The README does not explain the mechanics of HsmOsBlockPlaceholderAccess or why the original patch failed. For researchers who want to understand the root cause, the Project Zero issue link is essential supplementary reading. Additionally, there is no mention of testing against Windows 11 23H2 or the latest Insider builds, so the claim of universal impact remains an educated assertion rather than a tested guarantee.

Another trade-off: MiniPlasma is a weaponized exploit. It is not a detection tool or a passive scanner. Anyone deploying it on a test system should have proper authorization and containment in place, because it attempts to elevate privileges to SYSTEM.

What it ships with

The repository is minimal, so the feature list is short:

  • Single-target LPE — Elevates from a limited user context to a SYSTEM shell command.
  • C# implementation — Compiles with standard .NET tooling; no exotic dependencies.
  • Exact reproduction of the original Google PoC — No modifications required to trigger the vulnerability.
  • Race-condition based — Success depends on timing; not guaranteed on every run.
  • Works on all Windows versions (per the author's testing and analysis).
  • No external driver downloads — Exploits the built-in cldflt.sys already present on the system.
  • Publicly available source — The code is on GitHub with 447 stars at time of writing, indicating community interest.

If you want to try it

MiniPlasma is written in C# and targets the Windows kernel driver cldflt.sys, which is present by default on any modern Windows 10 or 11 installation. To test it you need a Windows environment where you can compile and run a .NET console application; use an isolated virtual machine with a snapshot you can revert to, since a failed kernel race may crash or destabilize the system. The project's README on GitHub provides no install commands beyond cloning the repository, so follow the link below and review the source directly. Build the project in Visual Studio or with dotnet build, run it from a non-elevated command prompt, and if the race condition hits you should get a SYSTEM shell. Record the cldflt.sys file version and the OS build of the target beforehand, so that a success or failure can be attributed to a specific driver build rather than to "Windows" in general.
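The following PowerShell pre-flight script is an added example for this write-up; it is not part of MiniPlasma or its README. It assumes the standard driver location under System32\drivers and the CldFlt service name used for the Cloud Files minifilter. It records the driver's file version and signature, whether the filter is loaded, the full OS build, and whether the current prompt is already elevated, which is exactly the information you need next to a "worked" or "did not work" result.

```powershell
# Added pre-flight check (not MiniPlasma code): captures the cldflt.sys build
# and the test context so a success or failure can be tied to a driver version.

# Assumption: default driver path; adjust if your image is non-standard.
$driverPath = Join-Path $env:SystemRoot 'System32\drivers\cldflt.sys'

if (-not (Test-Path $driverPath)) {
    Write-Host "cldflt.sys not found at $driverPath; Cloud Files driver is absent on this host."
    return
}

$info = Get-Item $driverPath
$ver  = $info.VersionInfo
$sig  = Get-AuthenticodeSignature -FilePath $driverPath

[pscustomobject]@{
    Path           = $driverPath
    FileVersion    = $ver.FileVersion
    ProductVersion = $ver.ProductVersion
    LastWriteUtc   = $info.LastWriteTimeUtc
    SignatureState = $sig.Status
    Signer         = $sig.SignerCertificate.Subject
} | Format-List

# Is the minifilter loaded? fltmc.exe needs elevation, so fall back to the
# Win32_SystemDriver state, which a standard user can read.
# Assumption: the service/filter name is CldFlt.
$loaded = (fltmc.exe filters 2>$null) -match '^\s*CldFlt\b'
if ($loaded) {
    Write-Host 'CldFlt minifilter is loaded (per fltmc).'
} else {
    $drv = Get-CimInstance Win32_SystemDriver -Filter "Name='CldFlt'"
    Write-Host "CldFlt driver state: $($drv.State), started: $($drv.Started) (fltmc unavailable or filter not listed)"
}

# Full OS build, for correlating results with the "all Windows versions" claim.
$os  = Get-CimInstance Win32_OperatingSystem
$ubr = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').UBR
Write-Host "OS: $($os.Caption) $($os.OSArchitecture), build $($os.BuildNumber).$ubr"

# The exploit must start from a non-elevated context; a SYSTEM shell obtained
# from an administrator prompt proves nothing.
$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$elevated = ([Security.Principal.WindowsPrincipal]$id).IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)
Write-Host "Running as $($id.Name); elevated: $elevated"
if ($elevated) {
    Write-Warning 'Start MiniPlasma from a non-elevated prompt, not this one.'
}
```

Run it from the same prompt you intend to launch MiniPlasma from, and keep its output with the test notes. If the signature status is anything other than Valid, or the file version differs across two machines that behave differently, that is the first thing to look at before blaming the race window.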

The source is available on GitHub. Anyone researching Windows kernel security or testing their environment's exposure to unpatched CVEs will find MiniPlasma a straightforward, no-frills proof-of-concept that exposes a six-year-old vulnerability still present in one of the most widely deployed drivers on the Windows platform.