CVE-2026-28256

Medium CVSS: 6.9

A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts.

Vendor

Trane

Product

Tracer Sc\+ Firmware

CWE

CWE-547

Yayın Tarihi

2026-03-12 18:16:23

Güncelleme

2026-03-27 16:25:57

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-547 Tracer Sc Firmware MEDIUM Trane 2026

Referanslar

https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-01

Benzer Kayıtlar

Critical

CVE-2026-28252

A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge co…

High

CVE-2026-28253

A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could a…

Medium

CVE-2026-28254

A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticate…

High

CVE-2026-28255

A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attack…