Updated Date: 09-04-2021

| Field | Details |
|---|---|
| Impact of Vulnerability | Escalation of privilege vulnerability in BlueStacks |
| CVSS v3 Base / Temporal Scores: | Base: 8.2 |
| Recommendations | Install or update to the latest BlueStacks App Player |
| Affected Versions | MAC: BlueStacks 4.240 and below |
| Location of Updated Software | https://www.bluestacks.com/download.html |

BlueStacks 4 is vulnerable to privilege escalation attacks that allow an executable (Low Integrity) to interact with the privileged helper service (High Integrity) on macOS. The issues are DYLIB injection, a race condition in the service's authentication caused by its use of the PID for authentication, and the use of the "com.apple.security.get-task-allow" entitlement, which allows any process to perform a thread hijacking attack on the application.
Using these vulnerabilities, an attacker can delete arbitrary folders / files on the host as root. There is another vulnerability due to insufficient checks during authentication when any process makes XPC requests.
Download the product from http://www.bluestacks.com/download.html. Install the updated BlueStacks Player using the usual update path.
- Download the latest version of BlueStacks from the website.

Acknowledgements
Danny 'Rushyo' Moules

| Metric | Value |
|---|---|
| Attack Vector (AV) | Local (L) |
| Attack Complexity (AC) | Low (L) |
| Privileges Required (PR) | Low (L) |
| User Interaction (UI) | Required (R) |
| Scope (S) | Changed (C) |
| Confidentiality (C) | High (H) |
| Integrity (I) | High (H) |
| Availability (A) | High (H) |
