Metrics
Affected Vendors & Products
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2025-32195 | The Flock Safety Pisco com.flocksafety.android.pisco application 6.21.11 for Android (installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices) has a cleartext Auth0 client secret in its codebase. Because application binaries can be trivially decompiled or inspected, attackers can recover this OAuth secret without special privileges. This secret is intended to remain confidential and should never be embedded directly in client-side software. |
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Fri, 03 Oct 2025 08:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Flock Safety
Flock Safety bravo Edge Ai Compute Device Flocksafety Flocksafety bravo Edge Ai Compute Device Flocksafety falcon Flocksafety license Plate Reader Flocksafety pisco Google android |
|
| Vendors & Products |
Flock Safety
Flock Safety bravo Edge Ai Compute Device Flocksafety Flocksafety bravo Edge Ai Compute Device Flocksafety falcon Flocksafety license Plate Reader Flocksafety pisco Google android |
Thu, 02 Oct 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-319 | |
| Metrics |
cvssV3_1
|
Thu, 02 Oct 2025 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Flock Safety Pisco com.flocksafety.android.pisco application 6.21.11 for Android (installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices) has a cleartext Auth0 client secret in its codebase. Because application binaries can be trivially decompiled or inspected, attackers can recover this OAuth secret without special privileges. This secret is intended to remain confidential and should never be embedded directly in client-side software. | |
| References |
|
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-10-02T19:46:27.571Z
Reserved: 2025-09-15T00:00:00.000Z
Link: CVE-2025-59406
Updated: 2025-10-02T19:46:21.268Z
Status : Awaiting Analysis
Published: 2025-10-02T17:16:06.880
Modified: 2025-10-02T20:15:34.083
Link: CVE-2025-59406
No data.
OpenCVE Enrichment
Updated: 2025-10-03T08:22:31Z
EUVD