ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.
CVSS Vector
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HTrane Tracer Sc
APPTrane≤ 4.2.1134
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2026-28252CRITICAL9.2PL ✓ten sam produkt
Podatność kryptograficzna w Trane Tracer SC umożliwiająca pominięcie uwierzytelnienia
CVE-2021-38450CRITICAL9.9ten sam produkt
The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker c...
CVE-2026-28253HIGH8.7ten sam produkt
A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concier...
CVE-2026-28255HIGH8.2ten sam produkt
A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow...
CVE-2026-28256MEDIUM6.9ten sam produkt
A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Conc...