Home

Description

An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping proper TLS chain validation.

PUBLISHED Reserved 2025-06-16 | Published 2025-09-15 | Updated 2025-09-15 | Assigner mitre

References

shinycolumn.notion.site/eagleeyes-lite

github.com/shinyColumn/CVE-2025-50944

cve.org (CVE-2025-50944)

nvd.nist.gov (CVE-2025-50944)

Download JSON