CVE Catalog

CVE-2026-34029

MediumCVSS 6.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key.

Risk Assessment

The disclosure of the cryptographic key may lead to the decryption of the licence.whs file, jeopardizing the confidentiality of information about the licensing party and allowing access to other configuration files.

Recommendation

It is recommended to remove the hard-coded cryptographic key and implement more secure key management methods, such as dynamic key generation or the use of external key management systems.

Original NVD description (English source)

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This key can be used to decrypt the licence.whs file, which contains sensitive information about the licensing party and a second key that can be used to decrypt other configuration files.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS