CVE Catalog

CVE-2025-44964

LowCVSS 3.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.10%

1th percentile — higher than 1% of all known CVEs

Summary

Lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-in-the-middle attack and obtain sensitive information.

Risk Assessment

The organization is at risk of data leakage, including passwords, tokens, and other sensitive information transmitted by the application, potentially leading to security breaches and financial losses.

Recommendation

Immediately update BlueStacks to the latest version that includes the SSL certificate validation fix, and consider using additional encryption mechanisms and network traffic monitoring.

Original NVD description (English source)

A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS