How to fix CVE-2025-44964?

During next maintenance window: Apply vendor patches when convenient. Monitor vendor channels for updates.

Is Bluestacks affected by CVE-2025-44964?

CVE-2025-44964 is a low-severity vulnerability in BlueStacks (CVSS 3.9). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation. Apply vendor updates when available as part of routine maintenance.

Bluestacks CVE-2025-44964

LOW

Improper Certificate Validation (CWE-295)

2025-08-05 [email protected]

Information Disclosure Bluestacks

3.9

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 19:05 vuln.today

CVE Published

Aug 05, 2025 - 15:15 nvd

LOW 3.9

DescriptionNVD

A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.

AnalysisAI

A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information. Rated low severity (CVSS 3.9). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-295. A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information. Affected products include: Bluestacks.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-44964 vulnerability details – vuln.today

Back