CVE-2026-34029
Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This key can be used to decrypt the licence.whs file, which contains sensitive information about the licensing party and a second key that can be used to decrypt other configuration files.
| CWE | CWE-321 |
| Vendor | wertheim gmbh |
| Product | wertheim safecontroller software for vault rooms (safe deposit locker system) |
| Published | Jun 15, 2026 |
| Last Updated | Jun 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for wertheim gmbh wertheim safecontroller software for vault rooms (safe deposit locker system)
Be the first to know when new unknown vulnerabilities affecting wertheim gmbh wertheim safecontroller software for vault rooms (safe deposit locker system) are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Wertheim GmbH / Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)
Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014
References
Credits
Christian Hager, SEC Consult Vulnerability Lab Gorazd Jank, SEC Consult Vulnerability Lab Philipp Espernberger, SEC Consult Vulnerability Lab