CVE-2026-28255 | Trane Tracer SC/Tracer SC+/Tracer Concierge hard-coded credentials (icsa-26-071-01)

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability marked as critical has been reported in Trane Tracer SC, Tracer SC+ and Tracer Concierge. This issue affects some unknown processing. Performing a manipulation results in hard-coded credentials.

This vulnerability is cataloged as CVE-2026-28255. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-28255 | Trane Tracer SC/Tracer SC+/Tracer Concierge hard-coded credentials (icsa-26-071-01)

Post correlati

CVE-2025-24916 | Tenable Network Monitor up to 6.5.0 on Windows access control

CVE-2024-22234 | VMware Spring Security up to 6.1.6/6.2.1 AuthenticationTrustResolver.isFullyAuthenticated access control

CVE-2026-27944 | 0xJacky nginx-ui up to 2.3.2 Response Header /api/backup missing encryption

CVE-2025-7412 | code-projects Library System 1.0 profile.php image unrestricted upload