CVE-2025-11640

CVSS v3.1

5.3

Medium

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Tomofun Furbo 360 versions prior to FB0035 FW 036 Tomofun Furbo Mini versions prior to MC0020 FW 074

Description A security issue exists in Tomofun Furbo 360 and Furbo Mini related to the Bluetooth Low Energy component. The issue allows for the cleartext transmission of sensitive information. Exploitation requires access to the local network and is considered highly complex with a difficult exploitability.

Recommendations Tomofun Furbo 360 versions prior to FB0035 FW 036 should be updated to FB0035 FW 036 or later. Tomofun Furbo Mini versions prior to MC0020 FW 074 should be updated to MC0020 FW 074 or later.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310CWE-319

Related Identifiers

CVE-2025-11640

Affected Products

Tomofun Furbo 360

Tomofun Furbo Mini

CVE-2025-11640

Weakness Enumeration

Related Identifiers

Affected Products

References · 7