CVE-2025-70045
Improper Certificate Validation in jxcore jxm Enables TLS Bypass
Publication date: 2026-02-23
Last updated on: 2026-02-26
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jxcore | jxm | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-70045 is an Improper Certificate Validation vulnerability (CWE-295) found in the jxcore jxm master version.'}, {'type': 'paragraph', 'content': "The vulnerability occurs because the application disables TLS/SSL certificate validation by setting the HTTPS request option 'rejectUnauthorized' to false when 'jx_obj.IsSecure' is true."}, {'type': 'paragraph', 'content': "This means that even when a secure connection is expected, the application does not properly verify the authenticity of the server's certificate."}] [2]
How can this vulnerability impact me? :
This vulnerability allows man-in-the-middle (MITM) attackers to spoof servers and intercept sensitive data.
Because the application does not validate TLS/SSL certificates properly, attackers can impersonate legitimate servers and capture or manipulate data that should be secure.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by inspecting the source code or runtime configuration of the jxcore jxm application to check if the HTTPS request option 'rejectUnauthorized' is set to false when 'jx_obj.IsSecure' is true."}, {'type': 'paragraph', 'content': 'Since the issue involves improper TLS/SSL certificate validation, you can also monitor network traffic for signs of man-in-the-middle (MITM) attacks or unexpected certificate warnings.'}, {'type': 'paragraph', 'content': "Suggested commands to detect the vulnerability include searching the codebase for the 'rejectUnauthorized' setting:"}, {'type': 'list_item', 'content': "grep -r 'rejectUnauthorized' /path/to/jxm/source"}, {'type': 'list_item', 'content': 'Check runtime environment or logs for any overrides or configurations disabling certificate validation.'}, {'type': 'paragraph', 'content': 'Additionally, network monitoring tools like Wireshark can be used to detect suspicious TLS traffic that may indicate exploitation attempts.'}] [2]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': "To mitigate this vulnerability, immediately ensure that the HTTPS request option 'rejectUnauthorized' is set to true or removed so that TLS/SSL certificate validation is properly enforced."}, {'type': 'paragraph', 'content': "Review and update the jxcore jxm application code or configuration to prevent disabling certificate validation when 'jx_obj.IsSecure' is true."}, {'type': 'paragraph', 'content': 'If possible, update to a fixed or patched version of the jxm software once available.'}, {'type': 'paragraph', 'content': 'In the meantime, monitor network traffic for unusual activity and consider using additional network security controls to detect and prevent man-in-the-middle attacks.'}] [2]