Search criteria
7 vulnerabilities by trane
CVE-2021-38448 (GCVE-0-2021-38448)
Vulnerability from cvelistv5 – Published: 2021-11-22 18:58 – Updated: 2024-08-04 01:44
VLAI?
Title
Trane Symbio Improper Control of Generation of Code
Summary
The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software.
Severity ?
7.5 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Credits
Trane reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:22.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symbio",
"vendor": "Trane",
"versions": [
{
"lessThan": "1.00.0023",
"status": "affected",
"version": "700",
"versionType": "custom"
},
{
"lessThan": "1.00.0007",
"status": "affected",
"version": "800",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Trane reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-22T18:58:45",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\nTrane has identified the following specific mitigations:\n\nSymbio 700 controllers: Upgrade to v1.00.0023 or later\nSymbio 800 controllers: Upgrade to v1.00.0007 or later\nIn addition to the specific recommendations above, Trane continues to recommend the following best practices as an additional protection against this and other controller vulnerabilities:\n\nRestrict physical controller access to trained and trusted personnel.\nUse secure remote access solutions, such as Trane Connect Remote Access, when needed.\nEnsure user credentials are not shared and follow best practices for appropriate complexity (e.g., strong passwords).\nHave a well-documented process and owner to ensure regular software/firmware updates and keep systems up to date."
}
],
"source": {
"advisory": "ICSA-21-266-01",
"discovery": "UNKNOWN"
},
"title": "Trane Symbio Improper Control of Generation of Code",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-38448",
"STATE": "PUBLIC",
"TITLE": "Trane Symbio Improper Control of Generation of Code"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symbio",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "700",
"version_value": "1.00.0023"
},
{
"version_affected": "\u003c",
"version_name": "800",
"version_value": "1.00.0007"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Trane reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-01",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\nTrane has identified the following specific mitigations:\n\nSymbio 700 controllers: Upgrade to v1.00.0023 or later\nSymbio 800 controllers: Upgrade to v1.00.0007 or later\nIn addition to the specific recommendations above, Trane continues to recommend the following best practices as an additional protection against this and other controller vulnerabilities:\n\nRestrict physical controller access to trained and trusted personnel.\nUse secure remote access solutions, such as Trane Connect Remote Access, when needed.\nEnsure user credentials are not shared and follow best practices for appropriate complexity (e.g., strong passwords).\nHave a well-documented process and owner to ensure regular software/firmware updates and keep systems up to date."
}
],
"source": {
"advisory": "ICSA-21-266-01",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-38448",
"datePublished": "2021-11-22T18:58:45",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-08-04T01:44:22.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38450 (GCVE-0-2021-38450)
Vulnerability from cvelistv5 – Published: 2021-10-27 00:48 – Updated: 2024-09-16 16:23
VLAI?
Title
Trane Tracer Code Injection
Summary
The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software.
Severity ?
9.9 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Trane | Tracer SC |
Affected:
All , < 4.4 SP7
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Trane reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:22.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tracer SC",
"vendor": "Trane",
"versions": [
{
"lessThan": "4.4 SP7",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Tracer SC+",
"vendor": "Trane",
"versions": [
{
"lessThan": "5.5 SP3",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Tracer Concierge",
"vendor": "Trane",
"versions": [
{
"lessThan": "5.5 SP3",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Trane reported this vulnerability to CISA."
}
],
"datePublic": "2021-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:48:50",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\n\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends identifying a migration plan for replacing the Tracer SC controller with the next-generation Tracer SC+ controller. Tracer SC+ can function as a drop-in replacement for Tracer SC, providing significant updates to security capabilities.\n\nTrane has identified the following specific mitigations:\n\nTracer SC: Upgrade to v4.4 SP7 or later\nTracer SC+: Upgrade to v5.5 SP3 or later\nTracer Concierge: Upgrade to v5.5 SP3 or later"
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"discovery": "UNKNOWN"
},
"title": "Trane Tracer Code Injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-09-27T15:34:00.000Z",
"ID": "CVE-2021-38450",
"STATE": "PUBLIC",
"TITLE": "Trane Tracer Code Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tracer SC",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "4.4 SP7"
}
]
}
},
{
"product_name": "Tracer SC+",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "5.5 SP3"
}
]
}
},
{
"product_name": "Tracer Concierge",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "5.5 SP3"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Trane reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\n\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends identifying a migration plan for replacing the Tracer SC controller with the next-generation Tracer SC+ controller. Tracer SC+ can function as a drop-in replacement for Tracer SC, providing significant updates to security capabilities.\n\nTrane has identified the following specific mitigations:\n\nTracer SC: Upgrade to v4.4 SP7 or later\nTracer SC+: Upgrade to v5.5 SP3 or later\nTracer Concierge: Upgrade to v5.5 SP3 or later"
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-38450",
"datePublished": "2021-10-27T00:48:50.750971Z",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-09-16T16:23:31.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42534 (GCVE-0-2021-42534)
Vulnerability from cvelistv5 – Published: 2021-10-22 13:17 – Updated: 2024-09-16 23:52
VLAI?
Title
Trane Building Automation Controllers Cross-site Scripting
Summary
The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.
Severity ?
6.3 (Medium)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tracer SC",
"vendor": "Trane",
"versions": [
{
"lessThanOrEqual": "3.8",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA."
}
],
"datePublic": "2021-10-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The affected product\u2019s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T14:01:11",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Trane has identified the following specific mitigations for the affected products:\n\nUsers upgrade Tracer SC controllers running firmware v3.8 and prior, to firmware v4.4 SP7 or higher. Users should contact a regional Trane office to install updated firmware or request additional information and reference Trane service database number HUB-207592.\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends users identify a migration plan to replace the Tracer SC controller with the Tracer SC+ controller, which can function as a drop-in replacement for Tracer SC, providing significant security upgrades."
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"discovery": "UNKNOWN"
},
"title": "Trane Building Automation Controllers Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-10-19T15:34:00.000Z",
"ID": "CVE-2021-42534",
"STATE": "PUBLIC",
"TITLE": "Trane Building Automation Controllers Cross-site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tracer SC",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "All",
"version_value": "3.8"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected product\u2019s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Trane has identified the following specific mitigations for the affected products:\n\nUsers upgrade Tracer SC controllers running firmware v3.8 and prior, to firmware v4.4 SP7 or higher. Users should contact a regional Trane office to install updated firmware or request additional information and reference Trane service database number HUB-207592.\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends users identify a migration plan to replace the Tracer SC controller with the Tracer SC+ controller, which can function as a drop-in replacement for Tracer SC, providing significant security upgrades."
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-42534",
"datePublished": "2021-10-22T13:17:15.735964Z",
"dateReserved": "2021-10-15T00:00:00",
"dateUpdated": "2024-09-16T23:52:08.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2868 (GCVE-0-2015-2868)
Vulnerability from cvelistv5 – Published: 2017-01-06 21:00 – Updated: 2024-08-06 05:32
VLAI?
Summary
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trane | ComfortLink II SCC firmware |
Affected:
2.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:19.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95118",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ComfortLink II SCC firmware",
"vendor": "Trane",
"versions": [
{
"status": "affected",
"version": "2.0.2"
}
]
}
],
"datePublic": "2016-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-09T10:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "95118",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2868",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ComfortLink II SCC firmware",
"version": {
"version_data": [
{
"version_value": "2.0.2"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95118",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95118"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0027/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-2868",
"datePublished": "2017-01-06T21:00:00",
"dateReserved": "2015-04-03T00:00:00",
"dateUpdated": "2024-08-06T05:32:19.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2867 (GCVE-0-2015-2867)
Vulnerability from cvelistv5 – Published: 2017-01-06 21:00 – Updated: 2024-08-06 05:32
VLAI?
Summary
A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.
Severity ?
No CVSS data available.
CWE
- hardcoded passwords
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trane | ComfortLink II SCC firmware |
Affected:
2.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:19.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/"
},
{
"name": "95120",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95120"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ComfortLink II SCC firmware",
"vendor": "Trane",
"versions": [
{
"status": "affected",
"version": "2.0.2"
}
]
}
],
"datePublic": "2016-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "hardcoded passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-09T10:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/"
},
{
"name": "95120",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95120"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2867",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ComfortLink II SCC firmware",
"version": {
"version_data": [
{
"version_value": "2.0.2"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "hardcoded passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0028/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/"
},
{
"name": "95120",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95120"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-2867",
"datePublished": "2017-01-06T21:00:00",
"dateReserved": "2015-04-03T00:00:00",
"dateUpdated": "2024-08-06T05:32:19.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0870 (GCVE-0-2016-0870)
Vulnerability from cvelistv5 – Published: 2016-09-19 01:00 – Updated: 2024-08-05 22:30
VLAI?
Summary
The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:30:05.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03"
},
{
"name": "92979",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92979"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03"
},
{
"name": "92979",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92979"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-0870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03"
},
{
"name": "92979",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92979"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-0870",
"datePublished": "2016-09-19T01:00:00",
"dateReserved": "2015-12-17T00:00:00",
"dateUpdated": "2024-08-05T22:30:05.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4526 (GCVE-0-2016-4526)
Vulnerability from cvelistv5 – Published: 2016-09-19 01:00 – Updated: 2024-08-06 00:32
VLAI?
Summary
ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9ADB005557_ABB_SoftwareVulnerabilityHandlingAdvisory_DMPro.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-02"
},
{
"name": "92980",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92980"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9ADB005557_ABB_SoftwareVulnerabilityHandlingAdvisory_DMPro.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-02"
},
{
"name": "92980",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92980"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-4526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9ADB005557_ABB_SoftwareVulnerabilityHandlingAdvisory_DMPro.pdf",
"refsource": "CONFIRM",
"url": "https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9ADB005557_ABB_SoftwareVulnerabilityHandlingAdvisory_DMPro.pdf"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-02"
},
{
"name": "92980",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92980"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-4526",
"datePublished": "2016-09-19T01:00:00",
"dateReserved": "2016-05-05T00:00:00",
"dateUpdated": "2024-08-06T00:32:25.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}