3 matches found
CVE-2023-4212
creationtimestamp| type| source ---|---|--- 2023-08-22 22:28:05+00:00| seen| https://t.me/cibsecurity/69019...
CVE-2023-4212 Trane Thermostats Injection
A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...
CVE-2023-4212
CVE-2023-4212 affects Trane XL824, XL850, XL1050, and Pivot thermostats. A command injection allows an attacker to run arbitrary commands as root via a specially crafted filename when physical access is granted through a USB stick. Public documents confirm vulnerable firmware versions: XL824/XL85...