Update any software bundling NSSM to the latest versions (e.g., Phoenix Contact DaUM version or later).
version 2.24, a popular Windows tool used to run applications as services. Although NSSM 2.24 has been a standard release for years, recent security advisories in 2024 and 2025 have highlighted critical privilege escalation risks when it is bundled with other software. National Institute of Standards and Technology (.gov) Review of NSSM 2.24 Privilege Escalation Risks nssm224 privilege escalation updated
The vulnerability exists due to an incorrect handling of service configuration files. Specifically: Update any software bundling NSSM to the latest versions (e