NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-34021

Summary	The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485 messages and replay previously observed messages. This can be used, for example, to spoof a "quit alarm" message and continuously deactivate the safe alarm.
Publication Date	June 15, 2026, 9:16 p.m.
Registration Date	June 16, 2026, 4:12 a.m.
Last Update	June 15, 2026, 11:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://r.sec-consult.com/wertdev	551230f0-3615-47bd-b7cc-93e92e730bbf
2	https://wertheim-safes.com/safe-deposit-boxes/	551230f0-3615-47bd-b7cc-93e92e730bbf
3	https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-wertheim-safecontroller-hardware-for-vault-rooms-safe-deposit-locker-system-microcontroller/	134c704f-9b21-4f2e-91b3-4a467353bcc0

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-294	Capture-replayによる認証回避	https://cwe.mitre.org/data/definitions/294.html