Nssm-2.24 | Privilege Escalation

A service is created using NSSM to run under the LocalSystem account.

NSSM is designed to manage services on Windows systems, offering features such as service monitoring, automatic restarts, and improved error handling. It is particularly popular in environments where services need to be managed with high reliability and flexibility, such as in server and enterprise settings. NSSM allows administrators to easily configure and manage services, making it a valuable tool for system administrators. nssm-2.24 privilege escalation

: A known advisory (ZSL-2017-5418) highlighted how NSSM 2.24 in this software suite allowed non-privileged users to execute arbitrary code by replacing binaries in writable paths. Key Technical Details Vulnerable Version NSSM 2.24 (often bundled with third-party software) Common Path A service is created using NSSM to run