NSSM 2.24 Privilege Escalation Fixed Now
NSSM version 2.24 is vulnerable to local privilege escalation when it is installed with insecure file permissions: a low-privileged user can replace the executable and run malicious code as SYSTEM. The vulnerability stems from weak service permissions that let an attacker modify the service binary path. Remediation requires strict Access Control List (ACL) configuration on the directories that hold the executable. For more information, visit the official nssm.cc documentation.
Move to NSSM 2.25 pre-release or a newer version to fix known handle leaks and Windows 10 bugs.
Implement strict controls on who can modify service configurations. Only administrators should have the ability to create or modify services.
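One way to check the ACL condition described above, as an added example that is not code from this page or from the NSSM project: a read-only PowerShell audit that finds services launched through NSSM and lists any file or directory ACL entry granting write-type rights to a principal other than SYSTEM, Administrators or TrustedInstaller. It assumes the wrapper binary is named `nssm.exe` and that the wrapped program is recorded in the service's `Parameters\Application` registry value; the function name `Get-RiskyAce` is hypothetical.

```powershell
# Added example: audit NSSM-managed services for ACLs that let non-admins write.
# Read-only; run from an elevated prompt so every path and key can be read.
$trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)
# Rights that allow replacing a file, dropping files in a directory, or re-ACLing it.
$writeMask = [int][System.Security.AccessControl.FileSystemRights](
    'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership')
# GENERIC_ALL and GENERIC_WRITE can appear unmapped on inherit-only entries.
$genericMask = 0x10000000 -bor 0x40000000

function Get-RiskyAce([string]$Path) {
    # Hypothetical helper: returns Allow entries for untrusted SIDs with write-type rights.
    if (-not (Test-Path -LiteralPath $Path)) { return }
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $rules = (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType)
    foreach ($ace in $rules) {
        $rights = [int]$ace.FileSystemRights
        if ($ace.AccessControlType -eq 'Allow' -and
            $trusted -notcontains $ace.IdentityReference.Value -and
            ($rights -band ($writeMask -bor $genericMask))) {
            [pscustomobject]@{
                Path   = $Path
                Sid    = $ace.IdentityReference.Value
                Rights = $ace.FileSystemRights
            }
        }
    }
}

foreach ($svc in Get-CimInstance Win32_Service) {
    # Assumption: the service ImagePath points at a binary named nssm.exe.
    if ($svc.PathName -match '^\s*"?(?<exe>[^"]*\\nssm\.exe)') {
        $nssmExe = $Matches.exe
        $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$($svc.Name)\Parameters"
        $app = (Get-ItemProperty -Path $key -Name Application -ErrorAction SilentlyContinue).Application
        # Check the wrapper, the wrapped program, and the directories that hold them.
        $targets = @($nssmExe, (Split-Path $nssmExe -Parent))
        if ($app) { $targets += $app, (Split-Path $app -Parent) }
        foreach ($t in ($targets | Select-Object -Unique)) {
            Get-RiskyAce $t | Select-Object @{ n = 'Service'; e = { $svc.Name } }, Path, Sid, Rights
        }
    }
}
```

An empty result means no untrusted principal holds write-type access on the audited paths; any row returned names the path and SID whose ACL entry should be tightened.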
