Cyber Resilience

CVE-2025-47819

Medium

Published: 27 June 2025

Modified: 24 October 2025
KEV Added
Patch
CVSS Score v3.1: 6.4 (CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0013 (31.3th percentile)
Risk Priority: 13 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-47819 is a medium-severity On-Chip Debug and Test Interface With Improper Access Control (CWE-1191) vulnerability in Flock Safety Gunshot Detection firmware. Its CVSS base score is 6.4 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 31.3th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Vulnerability details

Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control.

CWE(s)

CWE-1191: On-Chip Debug and Test Interface With Improper Access Control

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

T1059.004 Unix Shell (tactic: Execution)
Adversaries may abuse Unix shell commands and scripts for execution.

T1082 System Information Discovery (tactic: Discovery)
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.

Why these techniques?

Improper access control on the on-chip debug interface enables physical attackers to connect via UART, gaining boot logs for system information discovery (T1082), a debug/root shell for Unix shell execution (T1059.004), and privilege escalation via exploitation of the interface (T1068).

Affected Assets

Vendor: flocksafety
Product: gunshot detection firmware
Version: ≤ 1.3

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-1191

Directly mitigates exposure of on-chip debug and test interfaces by disabling or removing them.

addresses: CWE-1191

Inspection of on-chip debug/test interfaces can identify tampering or unauthorized access that those interfaces enable.
