PT-2026-1138 · Nuvation Energy · Ncloud Vpn Service+1
Published
2025-01-13
·
Updated
2026-01-03
·
CVE-2025-64123
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Nuvation Energy Multi-Stack Controller (MSC) versions through 2.5.1
Nuvation Energy nCloud VPN Service (affected versions not specified)
Description
An issue involving Network Boundary Bridging exists in Nuvation Energy nCloud VPN Service and Multi-Stack Controller (MSC). This allows for unintended proxy or intermediary behavior. The nCloud VPN Service issue was resolved on December 1, 2025, and no action is required from end users.
Recommendations
Versions of Nuvation Energy Multi-Stack Controller (MSC) prior to and including 2.5.1 should be updated.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Multi-Stack Controller
Ncloud Vpn Service