Researchers found critical vulnerabilities in Vertiv UPS network cards and Trane Tracer SC+ HVAC controllers that could let hackers remotely disrupt power protection and cooling systems in data centers and other facilities. Claroty reported authentication-bypass and remote-code-execution flaws in Vertiv cards, and authentication bypass, remote code execution, denial-of-service, and sensitive-information exposure issues in Trane Tracer SC+ building-management controllers; the vendors have issued patches, but the article does not list CVE IDs or affected versions.
Why it matters: These products help keep servers powered and cool, so successful attacks could cause outages, hardware damage, or forced shutdowns. Organizations using Vertiv UPS management cards or Trane Tracer SC+ should identify exposed systems and apply vendor patches and mitigations quickly.
Eduard Kovacs
2026.06.10
100% relevant
This article appears to be the first tracked item establishing the disclosure of these specific Claroty-reported vulnerabilities in Vertiv UPS cards and Trane Tracer SC+ controllers.
← Back to all stories