CVE-2025-11637

Tomofun Furbo 360 Audio race condition

CVSS 5.3 MEDIUMEPSS 0.3%CWE-362

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 5.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

12 oct 2025Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A vulnerability was detected in Tomofun Furbo 360 up to FB0035_FW_036. Impacted is an unknown function of the component Audio Handler. Performing manipulation results in race condition. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

Productos afectados

Tomofun · Furbo 360

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://vuldb.com/?ctiid.328048 https://vuldb.com/?id.328048 https://vuldb.com/?submit.661362