: A known advisory (ZSL-2017-5418) highlighted how NSSM 2.24 in this software suite allowed non-privileged users to execute arbitrary code by replacing binaries in writable paths. Key Technical Details Vulnerable Version NSSM 2.24 (often bundled with third-party software) Common Path
Version 2.24 has several documented stability and security-related bugs that were addressed in the 2.25 pre-release builds: nssm-2.24 privilege escalation
Newer versions of NSSM (2.24 is the last stable release as of 2016; no official updates after) do not address these privilege escalation vectors. However, the problem is less about a bug in NSSM and more about combined with NSSM’s lack of built-in security hardening. Attackers target version 2.24 because: : A known advisory (ZSL-2017-5418) highlighted how NSSM 2
The payload runs as SYSTEM . The attacker now has a high-integrity shell, can dump LSASS for credentials, move laterally, or disable security tools. Attackers target version 2
If NSSM 2.24 is installed to manage a service, and the executable path contains spaces but is not surrounded by quotes, a local attacker can exploit this.
Multiple privilege escalation vulnerabilities (tracked as VDE-2025-063 and VDE-2025-059) exist in Phoenix Contact Device and Update Management (DaUM) versions prior to 2025.3.1 due to . The weakness is classified under CWE-306 — Missing Authentication for Critical Function , as the product does not perform any authentication for functionality that requires a provable user identity.
