Vulnerabilities > CVE-2021-38448 - Unspecified vulnerability in Trane Symbio 700 and Symbio 800
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH low complexity
trane
Summary
The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 | |
Hardware | 4 |