CVE-2026-34022 Wertheim GmbH CVE debrief

Who should care

Users of the Wertheim SafeController Family 65000, specifically those with Controller 65000 running AssemblyVersion 6.11.8130.22319, should be aware of this vulnerability as it could allow attackers to intercept and decrypt their communication.

Technical summary

The vulnerability involves the use of weak custom cryptographic algorithms with hard-coded keys in the Wertheim SafeController Family 65000. This allows for the decryption of data traffic by an attacker in an adversary-in-the-middle position. The encryption can be broken, and messages can be decrypted without the encryption key. The encryption key can also be determined by intercepting enough messages.

Defensive priority

High

Recommended defensive actions

• Update to a version of Controller 65000 that uses secure cryptographic algorithms and practices.
• Implement secure key management practices to prevent the use of hard-coded keys.
• Use secure communication protocols that are resistant to interception and decryption by unauthorized parties.
• Monitor communication for signs of tampering or interception.

Evidence notes

Evidence suggests that the vendor, referred to as 'Unknown Vendor' with low confidence, has a product affected by this vulnerability. The canonical source for this information is noted as 'reference_domain_weak' with evidence from 'Sec Consult'.

Official resources