CISA

CubeSpace CW0057 Reaction Wheel

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious firmware to the device.

The following versions of CubeSpace CW0057 Reaction Wheel are affected:

CW0057 Reaction Wheel

Vendor

Equipment

CubeSpace

CubeSpace CW0057 Reaction Wheel

Improper Verification of Cryptographic Signature

Critical Infrastructure Sectors: Communications

Countries/Areas Deployed: Worldwide

Company Headquarters Location: South Africa

CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication.

CubeSpace CW0057 Reaction Wheel