CVE-2024-22734

MEDIUM

AMCS Group Trux Waste Mgmt <7.19.0018.26912 - Info Disclosure

Title source: llm

Description

An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components.

Exploits (1)

nomisec WORKING POC 2 stars

by securekomodo · poc

https://github.com/securekomodo/CVE-2024-22734

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory] https://www.redlinecybersecurity.com/blog/cve-2024-22734

Scores

CVSS v3 6.2

EPSS 0.0288

EPSS Percentile 86.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (1)

amcsgroup/trux_waste_management < 7.19.0018.26912

Published Apr 12, 2024

Tracked Since Feb 18, 2026