CVE-2025-47822 – Flock Safety LPR devices have an improperly sec... (How to Fix)

Q: What is the severity of CVE-2025-47822?

CVE-2025-47822 has a CVSS score of 6.4 (MEDIUM). Flock Safety LPR devices have an improperly secured on-chip debug interface that allows physical attackers to gain root access. This affects all Flock Safety Falcon and Sparrow license plate reader devices with firmware up to version 2.2. Attackers with physical access can bypass security controls and compromise the device.

📋 TL;DR

Flock Safety LPR devices have an improperly secured on-chip debug interface that allows physical attackers to gain root access. This affects all Flock Safety Falcon and Sparrow license plate reader devices with firmware up to version 2.2. Attackers with physical access can bypass security controls and compromise the device.

💻 Affected Systems

Products:

Flock Safety Falcon LPR
Flock Safety Sparrow LPR

Versions: firmware through 2.2

Operating Systems: Embedded Linux

Default Config Vulnerable: ⚠️ Yes

Notes: All devices with firmware ≤2.2 are vulnerable. Physical access to device internals required.

📦 What is this software?

License Plate Reader Firmware by Flocksafety

View all CVEs affecting License Plate Reader Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Physical attacker gains root shell, extracts sensitive data (license plate databases, credentials), installs persistent malware, or repurposes device for other attacks.

🟠

Likely Case

Physical attacker gains root access to modify device functionality, extract collected license plate data, or disable security features.

🟢

If Mitigated

With proper physical security controls, the risk is limited to authorized personnel with physical access to device internals.

🌐 Internet-Facing: LOW (requires physical access to device hardware)

🏢 Internal Only: MEDIUM (requires physical access but could be exploited by insiders or during maintenance)

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires opening device case and connecting to debug pads. Detailed technical walkthrough available in researcher reports.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.3 or later

Vendor Advisory: https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert

Restart Required: Yes

Instructions:

1. Log into Flock Safety dashboard. 2. Navigate to device management. 3. Check for firmware updates. 4. Apply firmware version 2.3 or later. 5. Reboot device after update completes.

🔧 Temporary Workarounds

Physical Security Hardening

all

Implement tamper-evident seals and physical security controls to prevent unauthorized access to device internals.

Network Segmentation

all

Isolate LPR devices on separate network segments with strict firewall rules to limit lateral movement if compromised.

🧯 If You Can't Patch

Implement strict physical security controls and tamper monitoring
Isolate devices on segmented networks with minimal required access

🔍 How to Verify

Check if Vulnerable:

Check firmware version via Flock Safety dashboard or device web interface. If version ≤2.2, device is vulnerable.

Check Version:

Not applicable - check via Flock Safety management interface

Verify Fix Applied:

Confirm firmware version is 2.3 or later in device management interface.

📡 Detection & Monitoring

Log Indicators:

Physical tampering alerts
Unexpected device reboots
Firmware version changes

Network Indicators:

Unexpected outbound connections from LPR devices
Anomalous network traffic patterns

SIEM Query:

source="flock-lpr" AND (event="tamper_detected" OR event="firmware_change")

📊 Metadata

CVE ID: CVE-2025-47822

CVSS v3 Score: 6.4 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-1191

EPSS Score: 0.03% exploit probability (6.8th percentile)

Published: June 27, 2025

Last Updated: October 23, 2025

🔗 References

https://gainsec.com/2025/06/19/bird-hunting-season-security-research-on-flock-safety-anti-crime-systems/ Third Party Advisory
https://gainsec.com/2025/06/19/grounded-flight-device-2-root-shell-on-flock-safetys-falcon-sparrow-automated-license-plate-reader/ Third Party Advisory
https://gainsec.com/wp-content/uploads/2025/06/flock-safety-researcher-summary.pdf Third Party Advisory
https://www.flocksafety.com/articles/gunshot-detection-and-license-plate-reader-security-alert Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-47822, you might also want to check these: