CVE-2025-47819
CVE-2025-47819
In short
Flock Safety Gunshot Detection devices before version 1.3 have a debug interface on the chip that isn't properly protected, allowing unauthorized access to sensitive system functions.
Technical detail
An unprotected on-chip debug interface (likely JTAG or similar) in Flock Safety Gunshot Detection devices prior to v1.3 permits attackers with physical access to bypass authentication mechanisms and interact with the device's internals. This CWE-1191 vulnerability enables unauthorized firmware extraction, memory access, and potential system compromise.
Summary generated and translated by AI from the official description.
Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control.
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Flock Safety · Gunshot Detection devicesWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://gainsec.com/2025/06/19/bird-hunting-season-security-research-on-flock-safety-anti-crime-systems/https://gainsec.com/2025/06/19/plucked-and-rooted-device-1-debug-shell-on-flock-safetys-raven-gunshot-detection-system/https://gainsec.com/wp-content/uploads/2025/06/flock-safety-researcher-summary.pdfhttps://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert