Description:
A researcher has published a proof-of-concept (PoC) exploit code for a zero-day vulnerability (known as "MiniPlasma") in Microsoft Windows Cloud Files Mini Filter Driver. This vulnerability could allow an attacker to gain SYSTEM privileges on Windows systems.
Reports indicated that the proof-of-concept (PoC) exploit code for an elevation of privilege vulnerability (known as "MiniPlasma") is publicly available and it is at high risk of exploitation. System administrators are advised to follow the recommendations provided by the vendors to mitigate the elevated risk of cyber attacks.
Affected Systems:
- Microsoft Windows 10, 11
- Microsoft Windows Server 2019 and later
Impact:
Successful exploitation of the vulnerability could lead to elevation of privilege on an affected system.
Recommendation:
System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
More Information:
- https://github.com/Nightmare-Eclipse/MiniPlasma
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17103
