4 matches found
CVE-2025-59405
The CVE-2025-59405 entry concerns the Flock Safety Peripheral Android app (com.flocksafety.android.peripheral) version 7.38.3, deployed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices. Root cause: a cleartext DataDog API key is embedded in the client-side codebase, e...
CVE-2025-59403
The Flock Safety Android Collins app (com.flocksafety.android.collins) v6.35.31 for Android exposes unauthenticated administrative API endpoints on port 8080 (e.g., /reboot, /logs, /crashpack, /adb/enable) that control camera feed on Falcon, Sparrow, and Bravo devices. Root cause is lack of authe...
CVE-2025-59406
The CVE-2025-59406 entry concerns the Flock Safety Pisco Android app (v6.21.11) installed on Falcon/Sparrow License Plate Readers and Bravo Edge AI Compute Devices. The root cause is a cleartext Auth0 client secret embedded in the client-side codebase, which can be extracted by decompiling or ins...
CVE-2025-59407
The CVE-2025-59407 entry affects Flock Safety DetectionProcessing for Android (version 6.35.33) on Falcon/Sparrow LPRs and Bravo Edge devices. The code bundles a Java Keystore (flock_rye.bks) with a hardcoded password (flockhibiki17); the keystore contains a private key, enabling potential privat...