
CVE-2025-47824: CWE-312 Cleartext Storage of Sensitive Information in Flock Safety License Plate Reader

Low
Tags: Vulnerability, CVE-2025-47824, CWE-312
Published: Fri Jun 27 2025 (06/27/2025, 00:00:00 UTC)
Source: CVE Database V5
Vendor/Project: Flock Safety
Product: License Plate Reader

Description

Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage of code.

AI-Powered Analysis

Last updated: 09/03/2025, 00:39:55 UTC

Technical Analysis

CVE-2025-47824 identifies a vulnerability in Flock Safety License Plate Reader (LPR) devices running firmware versions up to and including 2.2. The issue is classified under CWE-312, Cleartext Storage of Sensitive Information: the devices store code or other sensitive data unencrypted on the device's storage, so anyone who obtains physical or logical access to that storage can read it. The weakness does not by itself give an attacker a high-impact path against the confidentiality, integrity, or availability of the system; its consequence is information disclosure.

The CVSS v3.1 base score is 2.0 (Low), with the vector string CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Read component by component: the attack vector is physical (AV:P), attack complexity is high (AC:H), no privileges are required (PR:N), no user interaction is needed (UI:N), scope is unchanged (S:U), and the impact is low on confidentiality (C:L) with none on integrity (I:N) or availability (A:N).

There are no known exploits in the wild, and no patches have been published yet. The vulnerability stems from insecure storage practices in the firmware; the expected fix is to encrypt sensitive data at rest and to apply secure coding practices in firmware development.

Potential Impact

For European organizations deploying Flock Safety LPR devices, the impact of this vulnerability is relatively low but still noteworthy. The cleartext storage of sensitive information could allow an attacker with physical access to the device to extract data that might include proprietary code or configuration details. While this does not immediately compromise the operational integrity or availability of the LPR system, it could facilitate further attacks or reverse engineering efforts. In law enforcement or private security contexts, where these devices are often used to monitor vehicle movements, unauthorized data disclosure could lead to privacy concerns or undermine trust in surveillance systems. However, since exploitation requires physical access and high complexity, the risk of remote exploitation or widespread compromise is minimal. Organizations should consider the sensitivity of the stored data and the physical security of deployed devices when assessing their risk posture.

Mitigation Recommendations

To mitigate this vulnerability, organizations should prioritize the following actions:

1) Work with Flock Safety to obtain firmware updates that implement encryption for all sensitive data stored on the device, ensuring data at rest is protected.
2) Enhance physical security controls around LPR devices to prevent unauthorized access, including tamper-evident seals, secure mounting, and restricted access areas.
3) Conduct regular audits of device configurations and storage to detect any unauthorized access or data leakage.
4) Implement strict access control policies for personnel who manage or maintain these devices, ensuring only trusted individuals have physical access.
5) If firmware updates are not immediately available, consider isolating affected devices on secure network segments and monitoring for unusual activity.
6) Engage with the vendor for guidance on secure deployment best practices and timelines for patch releases.

These steps combine technical and operational controls tailored to the nature of this vulnerability.


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-05-10T00:00:00.000Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 685e0a57ca1063fb874ed129

Added to database: 6/27/2025, 3:04:55 AM

Last enriched: 9/3/2025, 12:39:55 AM

Last updated: 9/27/2025, 5:42:50 AM

