HIGH🇬🇧 English

CVE-2016-4288

CVSS 8.4v3.0pub. 2017-01-06upd. 2026-05-06

A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary programs with SYSTEM privileges.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Bluestacks

    APP
    Bluestacks
    2.1.3.5650
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPE
CWE
Referencje

Powiązane podatności

CVE-2020-24367HIGH7.8ten sam produkt

Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privile...

CVE-2018-0701HIGH8.8ten sam produkt

BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0...

CVE-2019-25548MEDIUM6.9ten sam produkt

BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the app...

CVE-2019-14220MEDIUM6.5ten sam produkt

An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks e...

CVE-2025-44964LOW3.9ten sam produkt

A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attac...