HTB academy -> Windows Privilege Escalation -> Server Operators

Just a small question around the Server Operator group permissions.

The section content suggests checking Server Operators permissions for AppReadiness service (which runs as LocalSystem). I checked some other System services like BITS and figured out that the configuration differs. So, I ran the one-liner below and checked the results:

Get-Service | foreach { .\PsService.exe security $_.Name} > .\srv.txt

What I found is that some of LocalSystem services have this Server Operator permissions assignment (camsvc,COMSysApp etc), and some don’t. Just out of curiosity, why there’s such a difference, what is the logic behind? Looks weird.