CVE-2025-47822 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.4 MEDIUM	PHYSICAL	HIGH	NONE	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	6.4 MEDIUM				CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 9%

Vendor	Product	Version
flocksafety	license_plate_reader_firmware	𝑥 ≤ 2.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-1191 - On-Chip Debug and Test Interface With Improper Access Control
The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

References

https://gainsec.com/2025/06/19/bird-hunting-season-security-research-on-flock-safety-anti-crime-systems/

https://gainsec.com/2025/06/19/grounded-flight-device-2-root-shell-on-flock-safetys-falcon-sparrow-automated-license-plate-reader/

https://gainsec.com/wp-content/uploads/2025/06/flock-safety-researcher-summary.pdf

https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert