Information Disclosure Vulnerability in Tomofun Furbo 360 and Furbo Mini
CVE-2025-11634

2.4LOW

Key Information:

Vendor: Tomofun
Status: Furbo 360; Furbo Mini
Vendor: CVE Published:; 12 October 2025

What is CVE-2025-11634?

A security flaw has been identified in the UART interface of Tomofun's Furbo 360 and Furbo Mini devices, potentially leading to unauthorized information disclosure. Physical attacks on the devices could exploit this vulnerability. Affected firmware versions include Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. Despite early communication about the issue, the vendor has not provided any response.