CVE-2026-28256

Vulnerability Description

A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts.

Vulnerability Details

Published Date

March 12, 2026

Last Modified

March 12, 2026

CWE ID

CWE-547

Source

NVD

Vendor

Trane

Product

Tracer SC, Tracer SC+, Tracer Concierge

External References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-01

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment