Primary

Context

SICK SSH Weak Cipher Vulnerability

Vulnerability

A vulnerability exists in the SSH service of SICK LMS1000 and MRS1000 product families, all versions prior to 2.4.1. The issue arises from the use of weak CBC-based cipher suites and outdated MAC algorithms, which can be exploited by an attacker with network access to intercept, observe, or manipulate SSH communications. This vulnerability compromises the integrity of the SSH session, allowing unauthorized manipulation of transmitted data.

Impact

Exploitation of this vulnerability could lead to unauthorized interception and manipulation of SSH traffic, compromising the integrity of the communication.

Remediation

Users are strongly recommended to upgrade to version 2.4.1. For SICK LMS1000, this applies to all versions through 2.4.0, and for SICK MRS1000, all versions through 2.4.0.

Added: Feb 27, 2026, 9:33 AM

Updated: Feb 27, 2026, 2:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.0

remediation

0.0

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SICK SSH Weak Cipher Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating