Vulnerabilidades en Trane
10 resultadosCVE-2015-2868—An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker whoEPSS 6.8%CVE-2015-2867—A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.EPSS 4.8%CVE-2021-38450CRITICALTrane Tracer Code InjectionEPSS 1.0%CVE-2021-42534MEDIUMTrane Building Automation Controllers Cross-site ScriptingEPSS 0.6%CVE-2026-28253HIGHMemory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer ConciergeEPSS 0.3%CVE-2026-28255HIGHUse of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer ConciergeEPSS 0.3%CVE-2021-38448HIGHTrane Symbio Improper Control of Generation of CodeEPSS 0.3%CVE-2026-28254MEDIUMMissing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer ConciergeEPSS 0.3%CVE-2026-28256MEDIUMUse of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer ConciergeEPSS 0.3%CVE-2026-28252CRITICALUse of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer ConciergeEPSS 0.2%