CVE-2025-64125

Summary

A vulnerability in Nuvation Energy nCloud VPN Service allowed Network Boundary Bridging.This issue affected the nCloud VPN Service and was fixed on 2025-12-1 (December, 2025). End users do not have to take any action to mitigate the issue.

Affected Software

VendorProductVersion RangeStatus
Nuvation EnergynCloud VPN Service2025-12-1affected

Weaknesses

  • CWE-441: CWE-441: Unintended Proxy or Intermediary

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References