Bluestacks update fixes vulnerabilities

Updated date: 19-10-2021

Summary

Impact of Vulnerability  Escalation of privilege vulnerability in BlueStacks
CVE Numbers  
Severity Rating High
CVSS v3 Base / Temporal Scores: Base: 8.2
Recommendations Install or update to the latest BlueStacks App Player
Affected Versions Windows: BlueStacks 5.1.0 and below
Location of Updated Software https://www.bluestacks.com/download.html


Description 

There is a potential sandbox escape caused by the fact that BlueStacks in its default configuration mounts the current Windows user's Documents folder as read-write.

Remediation

Windows
Download the product from http://www.bluestacks.com/download.html. Install the updated Bluestacks Player using the usual update path.

Workaround

● Download the latest version of BlueStacks from the website.

Acknowledgments

Maciej Miszczyk

CVSS Scoring

Base Score 8.2
Attack Vector (AV) Local (L)
Attack Complexity (AC) Low (L)
Privileges Required (PR) Low (L)
User Interaction (UI) Required (R) 
Scope (S) Changed (C)
Confidentiality (C) High (H)
Integrity (I) High (H)
Availability (A) High (H)


https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:W/RC:C


Updated Date: 09-04-2021

Summary

Impact of Vulnerability  Escalation of privilege vulnerability in BlueStacks
CVE Numbers  CVE-2020-24367
Severity Rating High
CVSS v3 Base / Temporal Scores: Base: 8.2
Recommendations Install or update to the latest BlueStacks App Player
Affected Versions MAC: BlueStacks 4.240 and below
Location of Updated Software https://www.bluestacks.com/download.html

Description 

Bluestacks 4 is vulnerable to privilege escalation attacks that allow an executable (Low Integrity) to interact with the privileged helper service (High Integrity) on MacOS. There are DYLB injection, a race condition in the authentication of the service due to the use of PID for authentication and the use of the "com.apple.security.get-task-allow" entitlement that allows any process to perform a thread hijacking attack on the application. 

Using these vulnerabilities an attacker can delete arbitrary folders / files on the host as root. There is another vulnerability due to insufficient checks during authentication when any process makes XPC requests.

Remediation 

MAC 

Download the product from http://www.bluestacks.com/download.html. Install the updated Bluestacks Player using the usual update path. 

Workaround 

  • Download the latest version of BlueStacks from the website . Acknowledgements 

Danny 'Rushyo' Moules 

CVSS Scoring

Base Score 8.2
Attack Vector (AV) Local (L)
Attack Complexity (AC) Low (L)
Privileges Required (PR) Low (L)
User Interaction (UI) Required (R) 
Scope (S) Changed (C)
Confidentiality (C) High (H)
Integrity (I) High (H)
Availability (A) High (H)


https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:W/RC:C


Updated date - 07-10-2020

Summary

Impact of Vulnerability  Escalation of privilege vulnerability in BlueStacks
CVE Numbers  CVE-2020-24367
Severity Rating High
CVSS v3 Base / Temporal Scores: Base: 8.2
Recommendations Install or update to the latest version of BlueStacks
Affected Versions Windows: BlueStacks 4.230 and below
Location of Updated Software https://www.bluestacks.com/download.html


Description

CVE-2020-24367

Bluestacks 4 is vulnerable to privilege escalation attacks that allow a local user on Windows
(“Low Integrity”) to induce the execution of code with administrative scope ("High Integrity") on
Windows 10. This is due to incorrect permissions set by Bluestacks when installed, which
allows any user (“Everyone”) to modify files that may later be executed with administrative
privileges.

Remediation

Workaround

Download the latest version of BlueStacks from https://www.bluestacks.com/download.html

Acknowledgments

Danny "Rushyo" Moules

CVSS Scoring

Base Score 8.2
Attack Vector (AV) Local (L)
Attack Complexity (AC) Low (L)
Privileges Required (PR) Low (L)
User Interaction (UI) Required (R)
Score (S) Changed (C)
Confidentiality (C) High (H)
Integrity (I) High (H)
Availability (A) High (H)

 

https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:P/RL:W/RC:C

 

Was this article helpful?
2 out of 2 found this helpful