CVE-2025-50944

Published September 15th, 2025

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping proper TLS chain validation.

shinyColumn/CVE-2025-50944

Improper Certificate Chain Validation in EagleEyes Lite Android Application

GitHub