Search criteria
5 vulnerabilities found for Tracer SC by Trane
VAR-201609-0334
Vulnerability from variot - Updated: 2023-12-18 13:57ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory. ABB DataManagerPro Contains a privileged vulnerability. Supplementary information : CWE Vulnerability type by CWE-427: Uncontrolled Search Path Element ( Uncontrolled search path elements ) Has been identified. ABB DataManagerPro is a suite of data analysis software from ABB, Switzerland. The software automatically collects data via Ethernet and database management. ABB DataManagerPro is prone to a local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. A local attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. ABB DataManagerPro versions 1.0.0 through 1.7.0 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0334",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tracer sc",
"scope": "lte",
"trust": 1.0,
"vendor": "trane",
"version": "4.2.1134"
},
{
"model": "datamanagerpro",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "1.7.0"
},
{
"model": "datamanagerpro",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "1.0.0"
},
{
"model": "datamanagerpro",
"scope": "lt",
"trust": 0.8,
"vendor": "abb",
"version": "1.x"
},
{
"model": "datamanagerpro",
"scope": "eq",
"trust": 0.8,
"vendor": "abb",
"version": "1.7.1"
},
{
"model": "tracer sc",
"scope": "eq",
"trust": 0.6,
"vendor": "trane",
"version": "4.2.1134"
},
{
"model": "datamanagerpro",
"scope": "ne",
"trust": 0.3,
"vendor": "abb",
"version": "1.7.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "tracer sc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"db": "BID",
"id": "92980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:trane:tracer_sc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.1134",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4526"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi.",
"sources": [
{
"db": "BID",
"id": "92980"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4526",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-4526",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-07742",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "bdfe210a-e3a3-4a84-8115-984187198303",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4526",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4526",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-07742",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-339",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory. ABB DataManagerPro Contains a privileged vulnerability. Supplementary information : CWE Vulnerability type by CWE-427: Uncontrolled Search Path Element ( Uncontrolled search path elements ) Has been identified. ABB DataManagerPro is a suite of data analysis software from ABB, Switzerland. The software automatically collects data via Ethernet and database management. ABB DataManagerPro is prone to a local arbitrary code-execution vulnerability because it fails to sanitize user-supplied input. \nA local attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nABB DataManagerPro versions 1.0.0 through 1.7.0 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"db": "BID",
"id": "92980"
},
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4526",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-16-259-02",
"trust": 3.3
},
{
"db": "BID",
"id": "92980",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2016-07742",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812",
"trust": 0.8
},
{
"db": "IVD",
"id": "BDFE210A-E3A3-4A84-8115-984187198303",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"db": "BID",
"id": "92980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"id": "VAR-201609-0334",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
}
],
"trust": 1.51428573
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
}
]
},
"last_update_date": "2023-12-18T13:57:29.526000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "089290",
"trust": 0.8,
"url": "https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9adb005557_abb_softwarevulnerabilityhandlingadvisory_dmpro.pdf"
},
{
"title": "Patch for ABB DataManagerPro DLL native code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/81525"
},
{
"title": "ABB DataManagerPro Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64139"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "NVD",
"id": "CVE-2016-4526"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-259-02"
},
{
"trust": 1.6,
"url": "https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9adb005557_abb_softwarevulnerabilityhandlingadvisory_dmpro.pdf"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/92980"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4526"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4526"
},
{
"trust": 0.3,
"url": "http://www.abb.com/"
},
{
"trust": 0.3,
"url": "http://blog.rapid7.com/?p=5325"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"db": "BID",
"id": "92980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"db": "BID",
"id": "92980"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-20T00:00:00",
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"date": "2016-09-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"date": "2016-09-16T00:00:00",
"db": "BID",
"id": "92980"
},
{
"date": "2016-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"date": "2016-09-19T01:59:02.790000",
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"date": "2016-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07742"
},
{
"date": "2016-09-16T00:00:00",
"db": "BID",
"id": "92980"
},
{
"date": "2016-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004812"
},
{
"date": "2016-11-28T20:18:37.307000",
"db": "NVD",
"id": "CVE-2016-4526"
},
{
"date": "2016-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "92980"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ABB DataManagerPro DLL Native code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "bdfe210a-e3a3-4a84-8115-984187198303"
},
{
"db": "CNVD",
"id": "CNVD-2016-07742"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-339"
}
],
"trust": 0.6
}
}
CVE-2021-38450 (GCVE-0-2021-38450)
Vulnerability from cvelistv5 – Published: 2021-10-27 00:48 – Updated: 2024-09-16 16:23
VLAI?
Title
Trane Tracer Code Injection
Summary
The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software.
Severity ?
9.9 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Trane | Tracer SC |
Affected:
All , < 4.4 SP7
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Trane reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:22.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tracer SC",
"vendor": "Trane",
"versions": [
{
"lessThan": "4.4 SP7",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Tracer SC+",
"vendor": "Trane",
"versions": [
{
"lessThan": "5.5 SP3",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Tracer Concierge",
"vendor": "Trane",
"versions": [
{
"lessThan": "5.5 SP3",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Trane reported this vulnerability to CISA."
}
],
"datePublic": "2021-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:48:50",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\n\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends identifying a migration plan for replacing the Tracer SC controller with the next-generation Tracer SC+ controller. Tracer SC+ can function as a drop-in replacement for Tracer SC, providing significant updates to security capabilities.\n\nTrane has identified the following specific mitigations:\n\nTracer SC: Upgrade to v4.4 SP7 or later\nTracer SC+: Upgrade to v5.5 SP3 or later\nTracer Concierge: Upgrade to v5.5 SP3 or later"
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"discovery": "UNKNOWN"
},
"title": "Trane Tracer Code Injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-09-27T15:34:00.000Z",
"ID": "CVE-2021-38450",
"STATE": "PUBLIC",
"TITLE": "Trane Tracer Code Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tracer SC",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "4.4 SP7"
}
]
}
},
{
"product_name": "Tracer SC+",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "5.5 SP3"
}
]
}
},
{
"product_name": "Tracer Concierge",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "5.5 SP3"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Trane reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\n\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends identifying a migration plan for replacing the Tracer SC controller with the next-generation Tracer SC+ controller. Tracer SC+ can function as a drop-in replacement for Tracer SC, providing significant updates to security capabilities.\n\nTrane has identified the following specific mitigations:\n\nTracer SC: Upgrade to v4.4 SP7 or later\nTracer SC+: Upgrade to v5.5 SP3 or later\nTracer Concierge: Upgrade to v5.5 SP3 or later"
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-38450",
"datePublished": "2021-10-27T00:48:50.750971Z",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-09-16T16:23:31.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42534 (GCVE-0-2021-42534)
Vulnerability from cvelistv5 – Published: 2021-10-22 13:17 – Updated: 2024-09-16 23:52
VLAI?
Title
Trane Building Automation Controllers Cross-site Scripting
Summary
The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.
Severity ?
6.3 (Medium)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tracer SC",
"vendor": "Trane",
"versions": [
{
"lessThanOrEqual": "3.8",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA."
}
],
"datePublic": "2021-10-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The affected product\u2019s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T14:01:11",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Trane has identified the following specific mitigations for the affected products:\n\nUsers upgrade Tracer SC controllers running firmware v3.8 and prior, to firmware v4.4 SP7 or higher. Users should contact a regional Trane office to install updated firmware or request additional information and reference Trane service database number HUB-207592.\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends users identify a migration plan to replace the Tracer SC controller with the Tracer SC+ controller, which can function as a drop-in replacement for Tracer SC, providing significant security upgrades."
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"discovery": "UNKNOWN"
},
"title": "Trane Building Automation Controllers Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-10-19T15:34:00.000Z",
"ID": "CVE-2021-42534",
"STATE": "PUBLIC",
"TITLE": "Trane Building Automation Controllers Cross-site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tracer SC",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "All",
"version_value": "3.8"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected product\u2019s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Trane has identified the following specific mitigations for the affected products:\n\nUsers upgrade Tracer SC controllers running firmware v3.8 and prior, to firmware v4.4 SP7 or higher. Users should contact a regional Trane office to install updated firmware or request additional information and reference Trane service database number HUB-207592.\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends users identify a migration plan to replace the Tracer SC controller with the Tracer SC+ controller, which can function as a drop-in replacement for Tracer SC, providing significant security upgrades."
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-42534",
"datePublished": "2021-10-22T13:17:15.735964Z",
"dateReserved": "2021-10-15T00:00:00",
"dateUpdated": "2024-09-16T23:52:08.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38450 (GCVE-0-2021-38450)
Vulnerability from nvd – Published: 2021-10-27 00:48 – Updated: 2024-09-16 16:23
VLAI?
Title
Trane Tracer Code Injection
Summary
The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software.
Severity ?
9.9 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Trane | Tracer SC |
Affected:
All , < 4.4 SP7
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Trane reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:22.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tracer SC",
"vendor": "Trane",
"versions": [
{
"lessThan": "4.4 SP7",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Tracer SC+",
"vendor": "Trane",
"versions": [
{
"lessThan": "5.5 SP3",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Tracer Concierge",
"vendor": "Trane",
"versions": [
{
"lessThan": "5.5 SP3",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Trane reported this vulnerability to CISA."
}
],
"datePublic": "2021-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:48:50",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\n\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends identifying a migration plan for replacing the Tracer SC controller with the next-generation Tracer SC+ controller. Tracer SC+ can function as a drop-in replacement for Tracer SC, providing significant updates to security capabilities.\n\nTrane has identified the following specific mitigations:\n\nTracer SC: Upgrade to v4.4 SP7 or later\nTracer SC+: Upgrade to v5.5 SP3 or later\nTracer Concierge: Upgrade to v5.5 SP3 or later"
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"discovery": "UNKNOWN"
},
"title": "Trane Tracer Code Injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-09-27T15:34:00.000Z",
"ID": "CVE-2021-38450",
"STATE": "PUBLIC",
"TITLE": "Trane Tracer Code Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tracer SC",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "4.4 SP7"
}
]
}
},
{
"product_name": "Tracer SC+",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "5.5 SP3"
}
]
}
},
{
"product_name": "Tracer Concierge",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "5.5 SP3"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Trane reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Affected users should contact a Trane representative to install updated firmware or request additional information. Please reference Trane service database number HUB-205962 when contacting the Trane office.\n\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends identifying a migration plan for replacing the Tracer SC controller with the next-generation Tracer SC+ controller. Tracer SC+ can function as a drop-in replacement for Tracer SC, providing significant updates to security capabilities.\n\nTrane has identified the following specific mitigations:\n\nTracer SC: Upgrade to v4.4 SP7 or later\nTracer SC+: Upgrade to v5.5 SP3 or later\nTracer Concierge: Upgrade to v5.5 SP3 or later"
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-266-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-38450",
"datePublished": "2021-10-27T00:48:50.750971Z",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-09-16T16:23:31.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42534 (GCVE-0-2021-42534)
Vulnerability from nvd – Published: 2021-10-22 13:17 – Updated: 2024-09-16 23:52
VLAI?
Title
Trane Building Automation Controllers Cross-site Scripting
Summary
The affected product’s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms.
Severity ?
6.3 (Medium)
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tracer SC",
"vendor": "Trane",
"versions": [
{
"lessThanOrEqual": "3.8",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA."
}
],
"datePublic": "2021-10-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The affected product\u2019s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T14:01:11",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
],
"solutions": [
{
"lang": "en",
"value": "Trane has identified the following specific mitigations for the affected products:\n\nUsers upgrade Tracer SC controllers running firmware v3.8 and prior, to firmware v4.4 SP7 or higher. Users should contact a regional Trane office to install updated firmware or request additional information and reference Trane service database number HUB-207592.\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends users identify a migration plan to replace the Tracer SC controller with the Tracer SC+ controller, which can function as a drop-in replacement for Tracer SC, providing significant security upgrades."
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"discovery": "UNKNOWN"
},
"title": "Trane Building Automation Controllers Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-10-19T15:34:00.000Z",
"ID": "CVE-2021-42534",
"STATE": "PUBLIC",
"TITLE": "Trane Building Automation Controllers Cross-site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tracer SC",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "All",
"version_value": "3.8"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chizuru Toyama of TXOne IoT/ICS Security Research Labs of Trend Micro reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The affected product\u2019s web application does not properly neutralize the input during webpage generation, which could allow an attacker to inject code in the input forms."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"refsource": "CONFIRM",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02"
}
]
},
"solution": [
{
"lang": "en",
"value": "Trane has identified the following specific mitigations for the affected products:\n\nUsers upgrade Tracer SC controllers running firmware v3.8 and prior, to firmware v4.4 SP7 or higher. Users should contact a regional Trane office to install updated firmware or request additional information and reference Trane service database number HUB-207592.\nTracer SC is no longer actively developed, tested, or sold. Tracer SC will be considered end-of-life on December 31, 2022. Trane recommends users identify a migration plan to replace the Tracer SC controller with the Tracer SC+ controller, which can function as a drop-in replacement for Tracer SC, providing significant security upgrades."
}
],
"source": {
"advisory": "https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-42534",
"datePublished": "2021-10-22T13:17:15.735964Z",
"dateReserved": "2021-10-15T00:00:00",
"dateUpdated": "2024-09-16T23:52:08.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}