CVE-2019-25293

HIGH

BlueStacks App Player 2.4.44.62.57 - Local Privilege Escalation

Title source: llm
STIX 2.1

Description

BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe to inject malicious executables and escalate privileges.

Exploits (1)

exploitdb WRITEUP
by Diego Armando Buztamante Rico · textlocalwindows
https://www.exploit-db.com/exploits/47582

References (4)

Scores

CVSS v3 7.8
EPSS 0.0002
EPSS Percentile 4.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-428
Status published
Products (1)
bluestacks/Blue Stacks App Player 2.4.44.62.57
Published Feb 06, 2026
Tracked Since Feb 18, 2026