Improper Verification of Cryptographic Signature in CubeSpace Reaction Wheel Firmware
CVE-2026-13743
3.3LOW
What is CVE-2026-13743?
The CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 possess a vulnerability that enables an attacker with physical access to upload malicious firmware without authentication. This flaw in the cryptographic signature verification process could allow unauthorized modifications to the device, potentially compromising its integrity and functionality. It is essential for users to update to the latest firmware version to mitigate this security risk.
Affected Version(s)
CW0057 Reaction Wheel 0 < 5.0.20
References
CVSS V4
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Anthony Rose reported this vulnerability to CISA.
