The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This key can be used to decrypt the licence.whs file, which contains sensitive information about the licensing party and a second key that can be used to decrypt other configuration files.
Credits
Christian Hager, SEC Consult Vulnerability Lab
Gorazd Jank, SEC Consult Vulnerability Lab
Philipp Espernberger, SEC Consult Vulnerability Lab
