SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-518999214] Trane Tracer SC Sensitive Information Exposure Vulnerability

| Date | Type | Platform | Author | EDB-ID | CVE-ID | OSVDB-ID | Download App | SIS Signature |
|---|---|---|---|---|---|---|---|---|
| 2016-09-15 | HMI | Trane Tracer SC | Maxim Rupp | N/A | 2016-0870 | N/A | N/A | N/A |

Source

#
# Trane Tracer SC Sensitive Information Exposure Vulnerability
#


### OVERVIEW

Independent researcher Maxim Rupp has identified an information exposure vulnerability in Trane U.S. Inc.'s Tracer SC field panel. Trane U.S. Inc. has produced an update to mitigate this vulnerability. Maxim Rupp has tested the update to validate that it resolves the vulnerability.

This vulnerability could be exploited remotely.




### AFFECTED PRODUCTS

The following Tracer SC versions are affected:

Versions 4.2.1134 and below.





### IMPACT

This vulnerability allows an unauthorized party to obtain sensitive information from the contents of configuration files not protected by the web server.

Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.






### BACKGROUND

Trane is a U.S.-based company that maintains offices throughout the U.S. It is a subsidiary of Ingersoll Rand.

The affected product, Tracer SC, is an intelligent field panel for communicating with HVAC equipment controllers. According to Trane U.S. Inc., Tracer SC is deployed across several sectors including Commercial Facilities and others. Trane U.S. Inc. estimates that these products are used primarily in the United States and Europe with a small percentage in Asia.





### VULNERABILITY CHARACTERIZATION


# VULNERABILITY OVERVIEW


INFORMATION EXPOSURE

The web server application on the Tracer SC exposes the contents of specific directories to unauthenticated users. These directories contain configuration files that hold sensitive information.

CVE-2016-0870 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 and a temporal score of 4.8 have been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C).






### VULNERABILITY DETAILS


# EXPLOITABILITY

This vulnerability could be exploited remotely.


# EXISTENCE OF EXPLOIT

No known public exploits specifically target this vulnerability.


# DIFFICULTY

An attacker with low skill would be able to exploit this vulnerability.





### MITIGATION

Trane U.S. Inc. has produced an update for the Tracer SC.

It is recommended that users contact their local Trane office for information on how to obtain this update. Please reference Trane service database number HUB-120517 when calling the local Trane office.

If users need assistance locating their local Trane office, please click: http://www.trane.com/commercial/north-america/us/en.html