Unquoted service path in Windows sensors #5
Description
Windows sensors will install a new service called impulse-agentd.
This service is executing the nssm.exe binary. However, the service does not quote the service path. This may lead to a Windows privilege escalation if an attacker would be able to create a malicious file located at C:\Program.exe. This is usually not possible by a low privileged user account.
Nonetheless, I recommend quoting the service path for security best practices.
