Nssm-2.24 Privilege Escalation Jun 2026

NSSM (Non-Sucking Service Manager) version 2.24 is a popular lightweight tool used to run applications as Windows services. The nssm.exe binary itself is not usually the weak point; NSSM ends up at the centre of privilege escalation because of how the services it wraps are configured: the permissions on the binary and its directory, and the path registered for the service.

The Core Vulnerability: Improper Permissions

When nssm.exe, or the application it launches, lives in a location that unprivileged users can write to, a local attacker can overwrite the binary with one of their own.

Once the binary has been replaced, the next service restart or system reboot makes the Windows Service Control Manager execute the attacker's file under the service's account. NSSM registers services as LocalSystem by default, so this typically grants the attacker a SYSTEM level shell. The account is whatever the service was configured with, so confirm it first (sc qc <service> prints it as SERVICE_START_NAME) rather than assuming SYSTEM.

Unquoted Service Paths

The attacker first checks the permissions of the executable path using icacls "C:\Path\To\nssm.exe". Full (F), modify (M) or write (W) access granted to Everyone, BUILTIN\Users or NT AUTHORITY\Authenticated Users means the file can be replaced. If the service's path is unquoted and contains spaces, the same check applies to each directory along the path: the Service Control Manager will try shorter candidates such as C:\Program.exe before the intended binary, so write access to any of those directories is enough.
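An added Python example (not from the page or the NSSM project) that performs the two checks above offline: it parses icacls output for write access granted to low-privileged principals, and, for the unquoted service path case, lists the shorter .exe paths CreateProcess would try before the real binary. The icacls output, file paths and service path are constructed for the example; on a real host you would feed it the output of icacls and the BINARY_PATH_NAME line from sc qc.

```python
import re

# Principals that every local user token typically carries. A write ACE granted
# to one of these means an unprivileged local attacker can replace the file.
# (Assumption: extend this set for environment-specific groups.)
LOW_PRIV_PRINCIPALS = {
    "everyone",
    "builtin\\users",
    "nt authority\\authenticated users",
    "nt authority\\interactive",
}

# icacls rights that allow modifying or replacing the file, or granting
# oneself the ability to (WDAC = write DACL, WO = write owner).
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "D", "WDAC", "WO"}
# Inheritance / type markers that icacls prints in their own parentheses.
ACE_FLAGS = {"I", "OI", "CI", "IO", "NP", "DENY"}

ACE_RE = re.compile(r"^(?P<principal>[^:]+):(?P<groups>(?:\([^)]*\))+)$")

# Constructed sample output of: icacls "C:\Tools\nssm.exe"
# (not captured from a real host; the path and ACL are hypothetical).
WEAK_ICACLS = r"""C:\Tools\nssm.exe BUILTIN\Users:(I)(F)
                  NT AUTHORITY\SYSTEM:(I)(F)
                  BUILTIN\Administrators:(I)(F)
Successfully processed 1 files; Failed processing 0 files
"""

# The same file after the ACL is corrected: Users can only read and execute.
FIXED_ICACLS = r"""C:\Tools\nssm.exe BUILTIN\Users:(I)(RX)
                  NT AUTHORITY\SYSTEM:(I)(F)
                  BUILTIN\Administrators:(I)(F)
Successfully processed 1 files; Failed processing 0 files
"""


def parse_icacls(output, path):
    """Yield (principal, flags, rights) for each ACE in `icacls <path>` output.

    icacls prints the path in front of the first ACE and indents the others;
    the trailing 'Successfully processed' line carries no ACE and is skipped.
    """
    for raw in output.splitlines():
        line = raw.strip()
        if line.startswith(path):
            line = line[len(path):].strip()
        m = ACE_RE.match(line)
        if not m:
            continue
        flags, rights = set(), set()
        for group in re.findall(r"\(([^)]*)\)", m.group("groups")):
            tokens = [t.strip() for t in group.split(",")]
            if len(tokens) == 1 and tokens[0] in ACE_FLAGS:
                flags.add(tokens[0])
            else:
                rights.update(tokens)  # simple (F, M, RX ...) or specific rights
        yield m.group("principal").strip(), flags, rights


def find_weak_aces(output, path):
    """Return [(principal, [write rights])] for ACEs that let a low-privileged
    principal modify or replace the file. DENY and inherit-only ACEs are skipped."""
    weak = []
    for principal, flags, rights in parse_icacls(output, path):
        if "DENY" in flags or "IO" in flags:
            continue
        granted = rights & WRITE_RIGHTS
        if principal.lower() in LOW_PRIV_PRINCIPALS and granted:
            weak.append((principal, sorted(granted)))
    return weak


def unquoted_path_targets(image_path):
    """Executables the Service Control Manager (via CreateProcess) tries before
    the real one when an unquoted ImagePath contains spaces, in the order tried.
    A quoted path, or one without spaces, is not affected and yields []."""
    path = image_path.strip()
    if path.startswith('"') or " " not in path:
        return []
    tokens = path.split(" ")
    targets = []
    for i in range(1, len(tokens)):
        prefix = " ".join(tokens[:i])
        if prefix.lower().endswith(".exe"):
            break  # reached the real binary; anything after it is arguments
        targets.append(prefix + ".exe")
    return targets


if __name__ == "__main__":
    for label, sample in (("weak", WEAK_ICACLS), ("fixed", FIXED_ICACLS)):
        print(label, find_weak_aces(sample, r"C:\Tools\nssm.exe"))
    # Hypothetical unquoted ImagePath as `sc qc` would show it under BINARY_PATH_NAME.
    for target in unquoted_path_targets(r"C:\Program Files\Acme Agent\nssm.exe --foreground"):
        print("hijack candidate:", target)
```

For the unquoted case, run find_weak_aces against icacls output for each directory that contains a candidate (C:\ and C:\Program Files in the sample), since creating C:\Program.exe needs write access to C:\, not to the binary. The fixes are the obvious ones: quote the service path, and replace the write ACE with read-and-execute (icacls "C:\Tools\nssm.exe" /remove:g BUILTIN\Users followed by /grant "BUILTIN\Users:(RX)").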

The final step restarts the service so that the Service Control Manager launches the replaced binary. The page's snippet, made runnable:

import subprocess

# Start the service. Requires the right to start it and nssm.exe on PATH;
# replace service_name with the name the service was registered under.
service_name = "service_name"
subprocess.run(["nssm", "start", service_name], check=True)