Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Outdated SSH Algorithms Allow Data Tampering
CVE-2026-1627
Summary
The SSH service in this device uses old and weak algorithms to protect data in transit. This makes it possible for an attacker to intercept and alter the data being sent. To fix this, update the device's SSH configuration to use stronger algorithms.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| sick | lms1000_firmware | <= 2.4.1 | – |
| sick | mrs1000_firmware | <= 2.4.1 | – |
Original title
An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data...
Original description
An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if the attacker can interact with the network traffic.
nvd CVSS3.1
8.1
Vulnerability type
CWE-327
Use of a Broken Cryptographic Algorithm
- https://sick.com/psirt Vendor Advisory
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices US Government Resource
- https://www.first.org/cvss/calculator/3.1 Not Applicable
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0005.json Vendor Advisory
- https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0005.pdf Vendor Advisory
- https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guid... Vendor Advisory
Published: 27 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026