PatchSiren cyber security CVE debrief
CVE-2026-34029 Wertheim CVE debrief
CVE-2026-34029 is a medium-severity vulnerability in the Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014. The vulnerability is caused by a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This key can be used to decrypt the licence.whs file, which contains sensitive information about the licensing party and a second key that can be used to decrypt other configuration files.
- Vendor
- Wertheim
- Product
- SafeController Software
- CVSS
- MEDIUM 6.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The CVSS score for this vulnerability is 6.8, with a severity rating of MEDIUM. The vulnerability has been assigned a CWE-321 weakness.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates provided by the vendor to address the vulnerability.
- Restrict access to the application files to prevent unauthorized access.
- Monitor for suspicious activity related to the licence.whs file and other configuration files.
Evidence notes
The CVE record and NVD detail pages provide additional information about this vulnerability.
Official resources
-
CVE-2026-34029 CVE record
CVE.org
-
CVE-2026-34029 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
551230f0-3615-47bd-b7cc-93e92e730bbf
-
Source reference
551230f0-3615-47bd-b7cc-93e92e730bbf
CVE-2026-34029 was published on 2026-06-15T12:16:25.500Z and has not been modified since then.