Skip to content

Add template to detect weak service binary permissions#15381

Open
domwhewell-sage wants to merge 5 commits intoprojectdiscovery:mainfrom
domwhewell-sage:windows-service-binary
Open

Add template to detect weak service binary permissions#15381
domwhewell-sage wants to merge 5 commits intoprojectdiscovery:mainfrom
domwhewell-sage:windows-service-binary

Conversation

@domwhewell-sage
Copy link
Contributor

@domwhewell-sage domwhewell-sage commented Feb 18, 2026

PR Information

If service binary's are modifiable by standard users this can facilitate privilege escalations

Template validation

  • Validated with a host running a vulnerable version and/or configuration (True Positive)
  • Validated with a host running a patched version and/or configuration (avoid False Positive)

Additional Details (leave it blank if not applicable)

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.7.0

                projectdiscovery.io

[INF] Current nuclei version: v3.7.0 (latest)
[INF] Current nuclei-templates version: v10.3.9 (latest)
[INF] New templates added in latest release: 182
[INF] Templates loaded for current scan: 1
[INF] Executing 1 signed templates from sage
[weak-service-binary-permissions] [code] [high]  ["BUILTIN\\Users can Modify, Synchronize the service binary at C:\\ProgramData\\VulnerableService3.exe for service 'Vulnerable Service 3'"]
[INF] Scan completed in 2.1170974s. 1 matches found.

Additional References:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@domwhewell-sage

Comments