Vulnerabilities > Trane > Comfortlink II Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-06 | CVE-2015-2868 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trane Comfortlink II Firmware 2.0.2 An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. | 9.8 |
| 2017-01-06 | CVE-2015-2867 | Use of Hard-coded Credentials vulnerability in Trane Comfortlink II Firmware 2.0.2 A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system. | 9.8 |