CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service...

CVE-2024-22734

An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components...

CVE-2024-22734

CVE-2024-22734 : AMCS Group Trux Waste Management Software (prior to 7.19.0018.26912) contains a vulnerability where a static, hard-coded AES Key-IV pair in the TX utilities path (TxUtilities.dll and TruxUser.cfg) can allow a local attacker to obtain sensitive information. Impact is described as ...

Yealink Configuration Encrypt Tool Static AES Key

CloudAware Security Advisory CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool ======================================================================== Summary ======================================================================== A single, vendorwide, hardcoded AES key in...