CVE-2026-28254

Publication date

2026-03-12 17:29:56

Family

icscert

State

PUBLISHED

Description

A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to access sensitive information through unprotected APIs.