CVE 7.2 HIGH

Nuvation Energy Multi-Stack Controller Private Key Stored on Device_CVE-2025-64122

January 2, 2026 invoker category_cve
7.2 / 10
HIGH
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

Description

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller (MSC): through 2.5.1.

Basic Information

ID CVE-2025-64122
Source Dragos
Published Jan 2, 2026 at 21:39

Affected Product

Vendor Nuvation Energy
Product Multi-Stack Controller (MSC)
Affected Versions Nuvation Energy Multi-Stack Controller (MSC) 0

CWE Classification

CWE-522

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.