Cisco Blogs
Share

Vulnerability Spotlight: BlueStacks App Player Privilege Escalation


August 10, 2016 - 1 Comment

Discovered by Marcin ‘Icewall’ Noga of Cisco Talos

Talos is releasing an advisory for a vulnerability in BlueStacks App Player. (TALOS-2016-0124/CVE-2016-4288). The BlueStacks App Player is designed to enable Android applications to run on Windows PCs and Macintosh computers. It’s commonly used to run popular Android games on these platforms.

Details

A weak registry key permission vulnerability exists in the BlueStacks application. By default the BlueStack installer sets a weak permission to the registry key, which contains InstallDir reg value, this can be used later by the BlueStacks service component. This default configuration gives a malicious user the ability to modify this value, which can lead to privilege escalation.

Read More>>



Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments

  1. BlueStacks has addressed this issue from release version 2.4.43.6254 onwards, which is publicly available for download from http://www.bluestacks.com/. In addition to providing software updates for our installed base, we are actively advising existing users to upgrade to the latest release available for download from http://www.bluestacks.com/. Thank you BlueStacks Support