CVE Vulnerabilities

CVE-2025-64121

Authentication Bypass Using an Alternate Path or Channel

Published: Jan 02, 2026 | Modified: Feb 26, 2026
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Authentication Bypass.This issue affects Multi-Stack Controller (MSC): from 2.3.8 before 2.5.1.

Weakness

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Affected Software

NameVendorStart VersionEnd Version
NplatformNuvationenergy2.3.8 (including)2.5.1 (excluding)

Potential Mitigations

References