To mitigate this vulnerability:
If an attacker can modify the ImagePath or Application parameter of an existing NSSM-managed service (or create a new one), they can execute arbitrary commands as SYSTEM or LOCAL SERVICE (depending on the service’s configured account). nssm224 privilege escalation updated
Penetration testers have refined the nssm224 attack chain. Here is the modern methodology: To mitigate this vulnerability: If an attacker can