Trane Tracer SC, Tracer SC+, and Tracer Concierge Use of Hard-Coded Credentials (CVE-2026-28255)

A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...

CVE-2026-28255

A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...

CVE-2026-28255

CVE-2026-28255 affects Trane Tracer SC, Tracer SC+, and Tracer Concierge with a use of hard-coded credentials. The root cause is hard-coded credentials allowing an attacker to disclose sensitive information and take over accounts (CVSS v4.0 base score 8.2, HIGH). Exploitation details, affected ve...

CVE-2026-28255

creationtimestamp| type| source ---|---|--- 2026-03-12 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-01 2026-03-12 19:35:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgv5gpvyun2n...