On a vulnerable system, this file will be created by SYSTEM . On a patched system, NSSM will reject the change due to validation errors. NSSM 2.24 is a textbook example of how a small oversight in a utility tool can lead to a full domain compromise. The privilege escalation vector is trivial to exploit yet devastating in impact. While the maintainers fixed the issue years ago, the software supply chain is messy.
However, (released several years ago) contains a specific, reproducible privilege escalation vulnerability that has flown under the radar for many organizations. While the maintainers have since addressed this in later versions, countless legacy systems and poorly maintained servers still run NSSM 2.24. nssm-2.24 privilege escalation
The attacker runs: