HarborGuard Database

HIGH | CVE-2026-34024 | Published | Modified | CNA: SEC-VLab

CVE-2026-34024: Missing authorization checks in Wertheim SafeController Software allow low-privileged users to access restricted functions

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, lacks authorization checks on multiple web application endpoints. An authenticated attacker with minimal privileges can access endpoints that are not visible in the frontend but remain directly reachable. This allows the attacker to perform restricted actions such as switching the user's branch, uploading arbitrary files, downloading arbitrary files, and viewing details of arbitrary branches.

Metrics

CVSS v4.0: 8.6
Severity: HIGH
Fixed in: no fix version published
Affected Products: 1


HarborGuard Analysis

Synopsis

Missing authorization checks in Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) allow an authenticated low-privileged user to reach restricted backend endpoints directly over the network. The affected endpoints bypass frontend access controls entirely, giving the attacker access to functions that should require elevated permissions. Successful exploitation lets an attacker read arbitrary files, upload arbitrary files, switch branch contexts, and view sensitive branch details without administrative rights. No fix version has been published; HarborGuard tracks this advisory for patch availability.

HarborGuard Coverage

Detection

Detection of CVE-2026-34024 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images containing the affected Wertheim SafeController Software assembly version. Any image carrying AssemblyVersion 6.15.8328.28014 of the affected package will surface in scan results automatically.

Status: Available
Triage

Triage is available with the full CVSS v4.0 score of 8.6 (HIGH), weighted against each customer organization's compliance policy to determine priority and routing. Findings are directed to the appropriate team inbox within each customer org based on configured ownership rules for the affected workloads.

Status: Available
Patch

Because no upstream fix version has been published for CVE-2026-34024, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment Wertheim GmbH ships a remediated release. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will be triggered without manual intervention once a fix version is known.

Status: Pending upstream

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the SafeController web application over the network; the vulnerable endpoints are exposed via standard HTTP/S.

  • Authentication: Required

    A valid account is required, but any low-privilege user account is sufficient; no administrative or elevated credentials are needed.

  • Victim interaction: Not required

    No action from another user or administrator is needed; the attacker calls the restricted endpoints directly.

  • Attack complexity: Low

    Exploitation is straightforward and condition-free; the attacker simply sends direct HTTP requests to undocumented but reachable endpoints with no race conditions or special environmental setup required.

Blast Radius

  • Reads arbitrary files stored within the application's accessible file paths, including potentially sensitive configuration data and branch records.
  • Downloads arbitrary files from the system, enabling exfiltration of documents or data tied to vault room and safe deposit locker operations.
  • Uploads arbitrary files to the server, which may overwrite existing content or introduce malicious payloads into the application's file store.
  • Switches branch context and views details of arbitrary branches, exposing organizational structure and operational data across all configured branches.

How HarborGuard Handles This

Available on HarborGuard: because no upstream patch exists for CVE-2026-34024, the platform monitors the Wertheim advisory on every ingest cycle and will trigger a patched-image rebuild the moment a fix version is published. For customers with auto-remediation enabled, that rebuild is followed immediately by a regression test run and a PR opened against all affected workloads, with no manual steps required. In the interim, compensating controls are worth considering: network-policy isolation to restrict access to the SafeController web application to known, trusted source IPs; egress filtering to limit what the application server can reach if a malicious upload is exploited further; and role or feature-flag gating at the reverse-proxy or API-gateway layer to block direct requests to the undocumented endpoints. HarborGuard will surface the advisory in the affected-image findings list so that teams can track exposure until Wertheim GmbH publishes a remediated assembly version.
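The root cause described above (endpoints hidden from the frontend but reachable without an authorization check) and the gateway-layer gating suggested as a compensating control share one remedy: evaluate every request against an explicit, deny-by-default policy rather than trusting the UI to hide links. The following is an added example, not code from this page, from HarborGuard, or from the Wertheim product; the route names, roles, users and the `REGISTERED_ROUTES` list are constructed placeholders. It shows the weak frontend-only check beside the hardened version, plus an audit that lists registered routes no policy rule covers.

```python
"""Added example (not code from the HarborGuard page or the Wertheim product).

Deny-by-default authorization: every backend route is checked against an
explicit policy table, so an endpoint that the frontend does not link to is
still protected. Route names, roles and users below are constructed
placeholders, not the product's real endpoints.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple

Route = Tuple[str, str]  # (HTTP method, path template)

# Constructed role hierarchy: higher rank = more privilege.
ROLE_RANK: Dict[str, int] = {"user": 1, "branch_manager": 2, "admin": 3}

# Constructed policy: every route the server registers needs an entry here.
POLICY: Dict[Route, str] = {
    ("GET", "/api/branches/current"): "user",
    ("POST", "/api/branches/switch"): "branch_manager",
    ("GET", "/api/branches/{id}"): "branch_manager",
    ("POST", "/api/files/upload"): "admin",
    ("GET", "/api/files/{name}"): "admin",
}

# Constructed: the only route the frontend shows to a low-privileged user.
# The weak authorizer below checks nothing outside this set.
FRONTEND_MENU: Dict[Route, str] = {("GET", "/api/branches/current"): "user"}

# Constructed: what the server actually serves, including one route nobody
# added to POLICY. The audit function below catches exactly that gap.
REGISTERED_ROUTES: List[Route] = list(POLICY) + [("GET", "/api/legacy/export")]


@dataclass(frozen=True)
class Request:
    method: str
    path: str
    user: str
    role: str


def _segments(path: str) -> List[str]:
    # Collapse empty segments so "/a//b/" and "/a/b" compare equal.
    return [s for s in path.split("/") if s]


def _route_matches(template: str, path: str) -> bool:
    """Segment-wise match; a "{param}" segment matches any single segment."""
    t, p = _segments(template), _segments(path)
    if len(t) != len(p):
        return False
    return all(a == b or (a.startswith("{") and a.endswith("}")) for a, b in zip(t, p))


def _required_role(policy: Dict[Route, str], method: str, path: str) -> Optional[str]:
    """Exact route first, then templated routes; None if no rule covers it."""
    method = method.upper()
    exact = policy.get((method, "/" + "/".join(_segments(path))))
    if exact is not None:
        return exact
    for (m, template), role in policy.items():
        if m == method and _route_matches(template, path):
            return role
    return None


def authorize_frontend_only(req: Request) -> bool:
    """Weak pattern: only routes the UI exposes are checked.

    A hidden-but-reachable route has no rule and falls through as allowed,
    which is the failure mode the advisory describes."""
    required = _required_role(FRONTEND_MENU, req.method, req.path)
    if required is None:
        return True  # defect: unknown route treated as harmless
    return ROLE_RANK.get(req.role, 0) >= ROLE_RANK[required]


def authorize(req: Request, policy: Dict[Route, str] = POLICY) -> bool:
    """Hardened pattern: no rule means no access; unknown roles rank zero."""
    required = _required_role(policy, req.method, req.path)
    if required is None:
        return False  # deny by default
    return ROLE_RANK.get(req.role, 0) >= ROLE_RANK[required]


def unprotected_routes(registered: Iterable[Route], policy: Dict[Route, str] = POLICY) -> List[Route]:
    """Deployment check: registered routes that no policy entry covers."""
    return sorted(r for r in registered if _required_role(policy, *r) is None)


if __name__ == "__main__":
    low = Request("POST", "/api/files/upload", "alice", "user")
    print("frontend-only check lets upload through:", authorize_frontend_only(low))
    print("deny-by-default blocks it:", authorize(low))
    print("routes missing a rule:", unprotected_routes(REGISTERED_ROUTES))
```

The same policy table can be enforced in front of the application (reverse proxy or API gateway) as the page suggests for the interim, but the `unprotected_routes` audit is the step that matters most: run it against the route list the framework actually registers at startup, and fail the deployment if it returns anything.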

Affected packages

  • Wertheim GmbH / Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System): Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N