Vulnerability Description
An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if the attacker can interact with the network traffic.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sick | Lms1000 Firmware | < 2.4.1 |
| Sick | Lms1000 | - |
| Sick | Mrs1000 Firmware | < 2.4.1 |
| Sick | Mrs1000 | - |
Related Weaknesses (CWE)
References
- https://sick.com/psirtVendor Advisory
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practicesUS Government Resource
- https://www.first.org/cvss/calculator/3.1Not Applicable
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0005.jsonVendor Advisory
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0005.pdfVendor Advisory
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidVendor Advisory
FAQ
What is CVE-2026-1627?
CVE-2026-1627 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if...
How severe is CVE-2026-1627?
CVE-2026-1627 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-1627?
Check the references section above for vendor advisories and patch information. Affected products include: Sick Lms1000 Firmware, Sick Lms1000, Sick Mrs1000 Firmware, Sick Mrs1000.