[2] Local service accounts can interact with various components of the operating system, which makes coordination of password changes difficult.
[3] In practice this causes passwords for service accounts to rarely be changed, which poses a considerable security risk for an organization.
Such privileged identities often have extensive access to an organization's underlying data stores laying in applications or databases.
[3] Passwords for such accounts are often built and saved in plain textfiles, which is a vulnerability which may be replicated across several servers to provide fault tolerance for applications.
This vulnerability poses a significant risk for an organization since the application often hosts the type of data which is interesting to advanced persistent threats.