Trane Tracer Concierge
6 CVEs affecting Trane Tracer Concierge. Latest disclosed: 2026-03-12. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-38450 | Critical | 9.9 | 2021-10-27 | The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller… |
CVE-2026-28256 | | 2026-03-12 | A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensiti… | |
CVE-2026-28255 | | 2026-03-12 | A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information an… | |
CVE-2026-28254 | | 2026-03-12 | A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to access sensitive informat… | |
CVE-2026-28253 | | 2026-03-12 | A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to cau… | |
CVE-2026-28252 | | 2026-03-12 | A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authent… |