CVE-2025-59404
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-25
Last updated on: 2025-10-23
Assigner: MITRE
Description
Description
Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with its bootloader unlocked. This permits bypass of Android Verified Boot (AVB) and allows direct modification of partitions.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| flocksafety | bravo_compute_box_firmware | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1274 | The product conducts a secure-boot process that transfers bootloader code from Non-Volatile Memory (NVM) into Volatile Memory (VM), but it does not have sufficient access control or other protections for the Volatile Memory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability is that the Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with its bootloader unlocked. This allows an attacker to bypass Android Verified Boot (AVB) and directly modify device partitions.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing unauthorized modification of the device's software partitions, potentially leading to compromised device integrity, unauthorized code execution, or installation of malicious software.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70