Home

Description

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller (MSC): through 2.5.1.

PUBLISHED Reserved 2025-10-27 | Published 2026-01-02 | Updated 2026-01-05 | Assigner Dragos




HIGH: 7.2CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

Problem types

CWE-522 Insufficiently Protected Credentials

Product status

Default status
unaffected

Any version
affected

References

www.dragos.com/community/advisories/CVE-2025-64119

cve.org (CVE-2025-64122)

nvd.nist.gov (CVE-2025-64122)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.