Primary

Context

Flock Safety Gunshot Detection Devices Hardcoded Password Vulnerability

Vulnerability

A vulnerability exists in Flock Safety gunshot detection devices prior to version 1.3, where a hardcoded password is implemented for system access. This issue, categorized under CWE-798 for hardcoded credentials, requires physical access to the device and knowledge of debugging to exploit. The vulnerability does not affect Flock's cloud platform, where most data is stored securely.

Impact

Exploitation of this vulnerability could potentially allow unauthorized access to the device's system, although it is noted that such access would not include video footage due to Flock's data management practices.

Remediation

Flock Safety plans to address this vulnerability through Over the Air Updates and improved factory settings for new devices, starting in Q2 2025.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Flock Safety Gunshot Detection Devices Hardcoded Password Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating