NSSM 2.24 Privilege Escalation
NSSM version 2.24 does not have inherent privilege escalation vulnerabilities in its code, but it is frequently used in local privilege escalation scenarios due to misconfigurations like insecure file permissions, unquoted service paths, or placement in writable folders. While often flagged by security tools, mitigation involves upgrading to the 2.25 pre-release, auditing permissions, and securing service paths. For specific bugs and fixes, refer to the NSSM Bug Tracker.
Conclusion: Legacy Tools, Modern Risks
NSSM 2.24 is a textbook example of how a small oversight in a utility tool can lead to a full domain compromise. The privilege escalation vector is trivial to exploit yet devastating in impact. While the maintainers fixed the issue years ago, the software supply chain is messy.
Audit Services: Use sc qc [ServiceName] to check for unquoted paths or insecure binary locations.
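The audit step above can be run over saved sc qc output from many services at once. The following is an added example, not code from the original page or from the NSSM project: it parses sc qc text and flags unquoted paths containing spaces and binaries outside the default protected directories. The service names, paths and the PROTECTED list are constructed assumptions.

```python
import re

# Constructed sample: `sc qc` output for three hypothetical services.
SAMPLE = r"""[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: AppWrapper
        BINARY_PATH_NAME   : C:\Program Files\Tools\nssm-2.24\win64\nssm.exe
        SERVICE_START_NAME : LocalSystem
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: DataSync
        BINARY_PATH_NAME   : "C:\Tools\nssm-2.24\win64\nssm.exe"
        SERVICE_START_NAME : LocalSystem
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: Spooler
        BINARY_PATH_NAME   : C:\Windows\System32\spoolsv.exe
        SERVICE_START_NAME : LocalSystem
"""

# Assumption: locations whose default ACLs deny writes to standard users.
PROTECTED = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

def parse_sc_qc(text):
    """Return {service name: BINARY_PATH_NAME} from concatenated `sc qc` output."""
    services, name = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*(SERVICE_NAME|BINARY_PATH_NAME)\s*:\s*(.*\S)", line)
        if not m:
            continue
        if m.group(1) == "SERVICE_NAME":
            name = m.group(2)
        elif name:
            services[name] = m.group(2)
    return services

def image_path(binary_path):
    """Executable part of BINARY_PATH_NAME, without quotes or arguments."""
    if binary_path.startswith('"'):
        return binary_path[1:].split('"', 1)[0]
    m = re.match(r"(.*?\.exe)(\s|$)", binary_path, re.I)
    return m.group(1) if m else binary_path  # no .exe found: judge the whole string

def audit(text):
    """Return {service: [issues]} for services that need review."""
    findings = {}
    for name, path in parse_sc_qc(text).items():
        exe, issues = image_path(path), []
        if not path.startswith('"') and " " in exe:
            issues.append("unquoted path with spaces")
        if not exe.lower().startswith(PROTECTED):
            issues.append("binary outside protected directories; check ACLs with icacls")
        if issues:
            findings[name] = issues
    return findings
```

The directory check is only a heuristic: a flagged binary still needs its file and folder permissions reviewed, and a binary under a protected directory can still have ACLs that were weakened after installation.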