CVE-2025-44964
LowCVSS 3.9Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
Lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-in-the-middle attack and obtain sensitive information.
Risk Assessment
The organization is at risk of data leakage, including passwords, tokens, and other sensitive information transmitted by the application, potentially leading to security breaches and financial losses.
Recommendation
Immediately update BlueStacks to the latest version that includes the SSL certificate validation fix, and consider using additional encryption mechanisms and network traffic monitoring.
Original NVD description (English source)
A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.

