Updated - Nssm224 Privilege Escalation
An attacker could exploit this vulnerability by creating a specially crafted configuration file and placing it in a directory that NSSM reads from. When NSSM reads the configuration file, it could execute the attacker's malicious code with elevated privileges.
NSSM is a service manager for Windows that allows you to easily install, configure, and manage services. In 2019, a security researcher discovered a vulnerability in NSSM version 224 that could allow an attacker to escalate privileges on a system. nssm224 privilege escalation updated
You're referring to a paper about a privilege escalation vulnerability in NSSM (Non-Sucking Service Manager) version 224. An attacker could exploit this vulnerability by creating
The vulnerability, tracked as CVE-2019-1253, is related to the way NSSM handles service configuration files. Specifically, the vulnerability occurs when NSSM reads configuration files from a directory that is not properly secured, allowing an attacker to inject malicious configuration data. In 2019, a security researcher discovered a vulnerability
コメント
参考になる記事なのですがスペルミス・誤字が気になり勿体ないので失礼ながら簡潔に指摘させて頂きます。
スペルミス: Resokume Soures Randam Resolime
誤字: それほど悪い変では無いように思えます。
ご指摘ありがとうございます。沢山誤字がありました……。
該当箇所を修正いたしました。今後ともよろしくおねがいいたします。