Nssm-2.24 | Privilege Escalation !!link!!

: An attacker with low-level write access to the root directory (e.g., C:\ ) can place a malicious executable named Program.exe . When the service restarts, it will run the attacker's code with the privileges of the service account, typically SYSTEM . 2. Service Binary Hijacking

: If a service path contains spaces (e.g., C:\Program Files\NSSM\nssm.exe ) and is not enclosed in double quotes, Windows will look for executables at every break. nssm-2.24 privilege escalation