Auth bypass in Wertheim Gmbh Safecontroller Software For Vault Rooms (Safe Deposit Locker System)

CVE-2026-34023

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket communication used by the SafeController WebMessageBroker. An authenticated attacker with valid low-p…

Vulnerability class: Broken Access Control

Affected products

Wertheim Gmbh Safecontroller Software For Vault Rooms (Safe Deposit Locker System) — versions Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014

Weakness classification (CWE)

CWE-863 — Incorrect Authorization

References

551230f0-3615-47bd-b7cc-93e92e730bbf (product)
551230f0-3615-47bd-b7cc-93e92e730bbf (third-party-advisory)