CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication.
History

Thu, 02 Jul 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Jul 2026 19:15:00 +0000

Type Values Removed Values Added
Description CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication.
Title Improper verification of cryptographic signature in CubeSpace CW0057 Reaction Wheel
Weaknesses CWE-347
References
Metrics cvssV4_0

{'score': 3.3, 'vector': 'CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-07-02T19:07:38.419Z

Reserved: 2026-06-29T15:29:03.049Z

Link: CVE-2026-13743

cve-icon Vulnrichment

Updated: 2026-07-02T19:07:33.233Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.