NSSM-2.24 Privilege Escalation
The core issue arises because the service configuration created by NSSM is often exposed to the unquoted service path vulnerability, or allows the injection of commands or arguments that the Service Control Manager passes directly to the CreateProcess API.
Ensure all service binary paths are wrapped in double quotes.
While NSSM (Non-Sucking Service Manager) is a legitimate tool used to run any executable as a Windows service, it is frequently exploited for local privilege escalation (LPE).
Windows will attempt to find and execute files along the path in order. For example, it might try to run C:\Program.exe.
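The lookup order described above can be reproduced offline to audit service paths before they are quoted. This Python sketch is an added example, not code from NSSM or from the original page; the service names and paths in SAMPLE_SERVICES are constructed, and treating the first prefix that ends in .exe as the real binary is a simplifying assumption.

```python
import ntpath

# Constructed sample data: service name -> ImagePath as stored for the service.
SAMPLE_SERVICES = {
    "DemoUnquoted": r"C:\Program Files\NSSM 2.24\win64\nssm.exe",
    "DemoWithArgs": r"C:\Program Files\My App\svc.exe -k run",
    "DemoQuoted": r'"C:\Program Files\NSSM 2.24\win64\nssm.exe"',
    "DemoNoSpaces": r"C:\nssm\win64\nssm.exe",
}

def candidate_paths(image_path):
    """Executables Windows would try, in order; [] if the path is quoted."""
    path = image_path.strip()
    if path.startswith('"'):
        return []
    candidates = []
    # Cut the string at every space, and finally at its end.
    cuts = [i for i, ch in enumerate(path) if ch == " "] + [len(path)]
    for cut in cuts:
        prefix = path[:cut]
        if prefix.endswith(" "):  # run of spaces, nothing new to try
            continue
        ext = ntpath.splitext(prefix)[1]
        # A name without an extension gets .exe appended.
        candidates.append(prefix if ext else prefix + ".exe")
        if ext.lower() == ".exe":  # assumption: this is the real binary
            break
    return candidates

def quoted(image_path):
    """The same command line with the binary path wrapped in double quotes."""
    path = image_path.strip()
    found = candidate_paths(path)
    if len(found) < 2 or not path.startswith(found[-1]):
        return path
    return '"' + found[-1] + '"' + path[len(found[-1]):]

def audit(services):
    """Map each at-risk service to the earlier candidates and the quoted fix."""
    report = {}
    for name, image_path in services.items():
        earlier = candidate_paths(image_path)[:-1]
        if earlier:
            report[name] = {"check": earlier, "fix": quoted(image_path)}
    return report

if __name__ == "__main__":
    for name, item in audit(SAMPLE_SERVICES).items():
        print(name, item["check"], "->", item["fix"])
```

Every path listed under "check" is a file that should not exist and whose parent directory should not be writable by standard users; "fix" is the quoted form to store instead.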
DLL search-order or dependency hijack
If a low-privileged user has write access to the root directory (e.g., C:\), they can place a malicious binary named Program.exe there. When the service restarts, Windows executes the malicious file with the elevated privileges of the service (often LocalSystem).
2. Insecure Permissions on NSSM.exe