CVE-2026-34021
Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay
| CVSS Score | 0.0 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485 messages and replay previously observed messages. This can be used, for example, to spoof a "quit alarm" message and continuously deactivate the safe alarm.
| CWE | CWE-294 |
| Vendor | Wertheim GmbH |
| Product | Wertheim SafeController 5400 Hardware for VAULT ROOMS (Safe Deposit Locker System - Microcontroller) |
| Published | Jun 15, 2026 |
| Last Updated | Jun 15, 2026 |
Affected Versions
Wertheim GmbH / Wertheim SafeController 5400 Hardware for VAULT ROOMS (Safe Deposit Locker System - Microcontroller)
Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320
References
wertheim-safes.com: https://wertheim-safes.com/safe-deposit-boxes/
r.sec-consult.com: https://r.sec-consult.com/wertdev
sec-consult.com: https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-wertheim-safecontroller-hardware-for-vault-rooms-safe-deposit-locker-system-microcontroller/
Credits
Gorazd Jank, SEC Consult Vulnerability Lab
Christian Hager, SEC Consult Vulnerability Lab
Philipp Espernberger, SEC Consult Vulnerability Lab