Nssm-2.24 Privilege — Escalation [work]

The privilege escalation vulnerability in 2.24 stems primarily from or weak permissions on the service executable .

The first step for any local attacker is enumeration. A low-privileged user runs a series of commands to identify weak spots: nssm-2.24 privilege escalation

Run the following command to correct permissions on your service folder: The privilege escalation vulnerability in 2

The is a popular, lightweight tool used to turn Windows applications, scripts, and batches into managed services. By managing the service lifecycle, it ensures applications restart automatically if they crash. However, older versions, specifically NSSM 2.24 , have been associated with a critical vulnerability— Local Privilege Escalation (LPE) —that can allow a low-privileged user to gain NT AUTHORITY\SYSTEM rights. By managing the service lifecycle, it ensures applications

The most critical vulnerability is formally identified as CVE-2025-41686. Published on August 12, 2025, this flaw has been assigned a CVSS v3.1 base score of .

In a typical penetration testing or attack scenario, the exploit follows a predictable lifecycle. 1. Identifying the Vulnerable Service