Refine your search
2 vulnerabilities found for ComfortLink II SCC firmware by Trane
CVE-2015-2867 (GCVE-0-2015-2867)
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-06 05:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- hardcoded passwords
Summary
A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trane | ComfortLink II SCC firmware |
Version: 2.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:19.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/"
},
{
"name": "95120",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95120"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ComfortLink II SCC firmware",
"vendor": "Trane",
"versions": [
{
"status": "affected",
"version": "2.0.2"
}
]
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "hardcoded passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-09T10:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/"
},
{
"name": "95120",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95120"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2867",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ComfortLink II SCC firmware",
"version": {
"version_data": [
{
"version_value": "2.0.2"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "hardcoded passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0028/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/"
},
{
"name": "95120",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95120"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-2867",
"datePublished": "2017-01-06T21:00:00.000Z",
"dateReserved": "2015-04-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T05:32:19.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2868 (GCVE-0-2015-2868)
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-06 05:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- buffer overflow
Summary
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trane | ComfortLink II SCC firmware |
Version: 2.0.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:32:19.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95118",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ComfortLink II SCC firmware",
"vendor": "Trane",
"versions": [
{
"status": "affected",
"version": "2.0.2"
}
]
}
],
"datePublic": "2016-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-09T10:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "95118",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2868",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ComfortLink II SCC firmware",
"version": {
"version_data": [
{
"version_value": "2.0.2"
}
]
}
}
]
},
"vendor_name": "Trane"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95118",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95118"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0027/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-2868",
"datePublished": "2017-01-06T21:00:00.000Z",
"dateReserved": "2015-04-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T05:32:19.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}