RS-485 Communication Vulnerability in Wertheim SafeController 5400
CVE-2026-34021

8.6HIGH

Key Information:

Vendor: Wertheim Gmbh
Status: Wertheim Safecontroller 5400 Hardware For Vault Rooms (safe Deposit Locker System - Microcontroller)
Vendor: CVE Published:; 15 June 2026

🔔 Create Wertheim Gmbh Vulnerability Alert

What is CVE-2026-34021?

The Wertheim SafeController 5400 presents a security concern through insecure RS-485 communication between the server and its microcontroller. Without cryptographic protections, an attacker gaining access to this communication path can intercept and replay messages. This vulnerability enables potential spoofing of critical commands, such as disabling alarm functionalities, which poses significant risks to the integrity of security systems relying on this technology.

Affected Version(s)

Wertheim SafeController 5400 Hardware for VAULT ROOMS (Safe Deposit Locker System - Microcontroller) Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320

References

https://wertheim-safes.com/safe-deposit-boxes/

product

https://r.sec-consult.com/wertdev

third-party-advisory

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2026
Vulnerability Reserved
Mar 25, 2026

Credit

Gorazd Jank, SEC Consult Vulnerability Lab

Christian Hager, SEC Consult Vulnerability Lab

Philipp Espernberger, SEC Consult Vulnerability Lab

CVE-2026-34021 Data

JSON