๐Ÿ” CVE Alert

CVE-2026-28256

UNKNOWN 0.0

Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts.

CWE CWE-547
Vendor trane
Product tracer sc
Published Mar 12, 2026
Last Updated Mar 12, 2026
Stay Ahead of the Next One

Get instant alerts for trane tracer sc

Be the first to know when new unknown vulnerabilities affecting trane tracer sc are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Trane / Tracer SC
0 < v4.4 SP7
Trane / Tracer SC+
0 < v6.3.2310
Trane / Tracer Concierge
0 < v6.3.2310

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
cisa.gov: https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-01

Credits

Noam Moshe of Claroty reported these vulnerabilities to CISA.