Trane Comfortlink Ii Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Trane Comfortlink Ii Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2015-2867 — CVSS 9.8 (critical): A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system.
CVE-2015-2868 — CVSS 9.8 (critical): An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker…