NSSM 2.24 Privilege Escalation (Updated)
: A high-severity flaw (CVSS 7.8) where improper permissions on nssm.exe allowed low-privileged local attackers to gain administrative access.
Check service security descriptor:
(Updated 2026) Verified exploitation via "Everyone" group full access to service binaries.
CVE-2016-8742, Apache CouchDB: Local users could substitute due to inherited parent directory permissions.
How to Defend Your Systems
This grants full control only to SYSTEM and Administrators.
Look for (A;;RPWP;;;WD) or (A;;RPWPDT;;;AU) – these allow authenticated users to modify service configuration.
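The descriptor check above can be automated. The following is an added example, not code from the original page or from the NSSM project: it parses a service SDDL string (as printed by `sc sdshow <service>`), decodes each allow ACE held by a broad group, and separates start/stop/pause rights from rights that permit reconfiguration (DC, WD, WO). The function names and the sample descriptor are constructed for illustration.

```python
import re

# SDDL rights codes -> service access-mask bits (generic codes use the SCM's mapping).
CODE_BITS = {
    "CC": 0x1, "DC": 0x2, "LC": 0x4, "SW": 0x8, "RP": 0x10, "WP": 0x20,
    "DT": 0x40, "LO": 0x80, "CR": 0x100, "SD": 0x10000, "RC": 0x20000,
    "WD": 0x40000, "WO": 0x80000,
    "GA": 0xF01FF, "GW": 0x20002, "GX": 0x20170, "GR": 0x2008D,
}
RECONFIGURE = {0x2: "change config", 0x40000: "write DACL", 0x80000: "write owner"}
CONTROL = {0x10: "start", 0x20: "stop", 0x40: "pause/continue"}
# SID aliases for broad, low-privileged groups.
BROAD = {"WD": "Everyone", "AU": "Authenticated Users",
         "BU": "Builtin Users", "IU": "Interactive"}


def rights_mask(rights):
    """Turn an ACE rights field (letter codes or a hex mask) into an integer."""
    if rights.lower().startswith("0x"):
        return int(rights, 16)
    mask = 0
    for code in re.findall(r"[A-Z]{2}", rights):
        mask |= CODE_BITS.get(code, 0)
    return mask


def audit_service_sddl(sddl):
    """Return (trustee, severity, rights) for allow ACEs held by broad groups."""
    dacl = re.search(r"D:[A-Z]*((?:\([^)]*\))+)", sddl)  # DACL only, SACL ignored
    findings = []
    for ace in re.findall(r"\(([^)]*)\)", dacl.group(1) if dacl else ""):
        fields = ace.split(";")  # type;flags;rights;object;inherit_object;sid
        if len(fields) < 6 or fields[0] != "A" or fields[5] not in BROAD:
            continue
        mask = rights_mask(fields[2])
        for severity, table in (("reconfigure", RECONFIGURE), ("control", CONTROL)):
            granted = [name for bit, name in table.items() if mask & bit]
            if granted:
                findings.append((BROAD[fields[5]], severity, granted))
    return findings


if __name__ == "__main__":
    # Constructed descriptor for illustration, not taken from a real host.
    sample = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
              "(A;;RPWP;;;WD)(A;;RPWPDT;;;AU)")
    for who, severity, granted in audit_service_sddl(sample):
        print(f"{who}: {severity} -> {', '.join(granted)}")
```

A descriptor that grants rights only to SY and BA produces no findings.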
When NSSM 2.24 installs a service pointing to a path containing spaces (e.g., C:\Program Files\MyApp\run.bat) without quotes, Windows parses the path ambiguously.
: Comprehensive guides on how these escalations work and how to defend against them.