CVE-2026-34022

CVE Database · CVE-2026-34022

CVE-2026-34022

· N/AReceived

CVSS v3.1

N/A

CVSS v4.0

7.1

EPSS

0.12%

Published

Jun 15, 2026

Modified

Jun 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319, uses weak custom cryptographic algorithms with hard-coded cryptographic keys to protect communication. An attacker in an adversary-in-the-middle position can decrypt the data traffic. During reassessment, it was possible to break the encryption/decryption routine and decrypt messages without knowledge of the encryption key. It was also possible to gain knowledge about the encryption key by intercepting enough messages.

Weaknesses (CWE)

CWE-321

References (3)

https://r.sec-consult.com/wertdev

https://wertheim-safes.com/safe-deposit-boxes/

https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-wertheim-safecontroller-hardware-for-vault-rooms-safe-deposit-locker-system-microcontroller/

KEV Catalog EPSS Scores Vendors All CVEs