CVE-2025-64121

Critical CVSS: 10.0

Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Authentication Bypass.This issue affects Multi-Stack Controller (MSC): from 2.3.8 before 2.5.1.

Vendor

Nuvationenergy

Product

Nplatform

CWE

CWE-288

Yayın Tarihi

2026-01-02 22:15:44

Güncelleme

2026-02-26 19:58:29

Source Identifier

ot-cert@dragos.com

KEV Date Added

Kategoriler

CWE-288 Nplatform CRITICAL Nuvationenergy 2026

Referanslar

https://www.dragos.com/community/advisories/CVE-2025-64119

Benzer Kayıtlar

High

CVE-2025-64124

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Ene…

Critical

CVE-2025-64120

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Nuvation Ene…

High

CVE-2025-64122

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Signature Spoo…

High

CVE-2025-64123

Unintended Proxy or Intermediary vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Network Boundary B…