← back
CVE-2026-1626

CVE-2026-1626

CVSS 6.5 MEDIUMEPSS 0.2%CWE-327
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
27 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
SICK AG · SICK LMS1000SICK AG · SICK MRS1000

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://sick.com/psirthttps://www.cisa.gov/resources-tools/resources/ics-recommended-practiceshttps://www.first.org/cvss/calculator/3.1https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdfhttps://www.sick.com/.well-known/csaf/white/2026/sca-2026-0005.jsonhttps://www.sick.com/.well-known/csaf/white/2026/sca-2026-0005.pdf