Weak Cryptographic Protection in Wertheim SafeController Family 65000
CVE-2026-34022

7.1HIGH

Key Information:

Vendor: Wertheim Gmbh
Status: Wertheim Safecontroller Family 65000 Hardware For Vault Rooms (safe Deposit Locker System - Microcontroller)
Vendor: CVE Published:; 15 June 2026

🔔 Create Wertheim Gmbh Vulnerability Alert

What is CVE-2026-34022?

The Wertheim SafeController Family 65000 employs weak custom cryptographic algorithms with hard-coded keys, posing significant risks to data transmission. Attackers positioned in an adversarial role can exploit this vulnerability to decrypt data traffic. The flaws in the encryption routine allow these adversaries to break the encryption without needing access to the encryption keys, while also enabling them to discover these keys by intercepting sufficient messages. This vulnerability underscores the necessity for robust encryption practices to safeguard sensitive information.

Affected Version(s)

Wertheim SafeController Family 65000 Hardware for VAULT ROOMS (Safe Deposit Locker System - Microcontroller) Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319

References

https://wertheim-safes.com/safe-deposit-boxes/

product

https://r.sec-consult.com/wertdev

third-party-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2026
Vulnerability Reserved
Mar 25, 2026

Credit

Gorazd Jank, SEC Consult Vulnerability Lab

Christian Hager, SEC Consult Vulnerability Lab

Philipp Espernberger, SEC Consult Vulnerability Lab

CVE-2026-34022 Data

JSON