Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
Windows sensors will install a new service called impulse-agentd.
This service is executing the nssm.exe binary. However, the service does not quote the service path. This may lead to a Windows privilege escalation if an attacker would be able to create a malicious file located at C:\Program.exe. This is usually not possible by a low privileged user account.
Nonetheless, I recommend quoting the service path for security best practices.
Windows sensors will install a new service called
impulse-agentd
.This service is executing the
nssm.exe
binary. However, the service does not quote the service path. This may lead to a Windows privilege escalation if an attacker would be able to create a malicious file located atC:\Program.exe
. This is usually not possible by a low privileged user account.Nonetheless, I recommend quoting the service path for security best practices.