Exploitation for Priv-Esc × Microsoft Windows 11

A publicly-reported instance of Exploitation for Priv-Esc bypassing Microsoft Windows 11, recorded with its original source. Factual record; no assessment of any specific deployment.

Product

Microsoft Windows 11

Technique

Exploitation for Priv-Esc

MITRE ATT&CK

T1068

Confidence

High

Severity

Critical

Status

poc

Disclosed

2026-05-18

Config / version noted

Not stated

Provenance

thehackernews.com
disclosed 2026-05-18 · original source · via brave
cybersecurefox.com
disclosed 2026-05-20 · original source · via brave
digitrendz.blog
disclosed 2026-05-19 · original source · via brave
securityweek.com
disclosed 2026-05-18 · original source · via brave
cybersecuritynews.com
disclosed 2026-05-18 · original source · via brave
easternherald.com
disclosed 2026-05-18 · original source · via brave
threataft.com
disclosed 2026-05-31 · original source · via exa

Reported as

MiniPlasma is a newly disclosed zero-day exploit that revives a 2020 vulnerability in the Windows cldflt.sys driver to achieve SYSTEM privilege escalation on fully patched Windows 11 systems

Mechanism

Exploits a flaw in the cldflt.sys driver (originally from 2020) to escalate privileges to SYSTEM, bypassing current Windows patches.

Detection & mitigation

Monitor for unexpected SYSTEM-level processes spawned from low-integrity or user-mode processes, especially those interacting with the cldflt.sys driver. Deploy endpoint detection rules that alert on privilege escalation exploits targeting kernel drivers, and ensure patch management processes are supplemented with behavior-based exploit prevention.

Exploitation for Priv-Esc has also been recorded against

Apple Atlassian Bitdefender Broadcom (Symantec)Comodo Security ConnectWise CrowdStrike Elastic ESET F5 Fortinet Google

This is a record of a publicly-reported event, not an assessment of any specific organization's deployment. Detection and mitigation notes are drawn from the cited source. Where the source is silent, fields are omitted.