CVE-2025-64121 – Nuvation Energy Multi-Stack Controller Authentication Bypass

CVE ID : CVE-2025-64121

Published : Jan. 2, 2026, 9:35 p.m. | 49 minutes ago

Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Authentication Bypass.This issue affects Multi-Stack Controller (MSC): from 2.3.8 before 2.5.1.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-64123 – Nuvation Energy nCloud Client-to-Client Communication

CVE-2025-64122 – Nuvation Energy Multi-Stack Controller Private Key Stored on Device

CVE-2025-64120 – Nuvation Energy Multi-Stack Controller OS Command Injection

CVE-2025-64119 – Nuvation Energy BMS Client-side Authentication