CVE-2025-64123

Summary

Unintended Proxy or Intermediary vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Network Boundary Bridging.This issue affects Multi-Stack Controller (MSC): through and including release 2.5.1.

Affected Software

VendorProductVersion RangeStatus
Nuvation EnergyMulti-Stack Controller (MSC)0 <= 2.5.1affected

Weaknesses

  • CWE-441: CWE-441: Unintended Proxy or Intermediary

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References