CVE-2026-34029
MediumCVSS 6.8Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key.
Risk Assessment
The disclosure of the cryptographic key may lead to the decryption of the licence.whs file, jeopardizing the confidentiality of information about the licensing party and allowing access to other configuration files.
Recommendation
It is recommended to remove the hard-coded cryptographic key and implement more secure key management methods, such as dynamic key generation or the use of external key management systems.
Original NVD description (English source)
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This key can be used to decrypt the licence.whs file, which contains sensitive information about the licensing party and a second key that can be used to decrypt other configuration files.

