CVE Catalog

CVE-2026-13743

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

A vulnerability in CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 is due to improper verification of cryptographic signatures. This allows an attacker with physical access to upload arbitrary malicious firmware without authentication.

Risk Assessment

The risk involves potential takeover of the device by an attacker with physical access, which could lead to unauthorized changes in satellite system or other critical infrastructure operations.

Recommendation

Immediately update the CubeSpace CW0057 Reaction Wheel firmware to version 5.0.20 or later. Restrict physical access to devices and implement authentication mechanisms for firmware updates.

Original NVD description (English source)

CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS