Denial of Service Vulnerability in Tomofun Furbo Devices
CVE-2025-11638

5.3MEDIUM

Key Information:

Vendor

Tomofun

Status
Furbo 360
Furbo Mini
Vendor
CVE Published:
12 October 2025

What is CVE-2025-11638?

A vulnerability has been identified in the Tomofun Furbo 360 and Furbo Mini, specifically related to the Bluetooth Handler component. This issue allows an attacker with local network access to execute manipulation techniques that can result in a denial of service. Firmware versions prior to FB0035_FW_036 for Furbo 360 and MC0020_FW_074 for Furbo Mini are affected. The vendor has been informed of this security concern, but has yet to respond.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Furbo 360

Furbo Mini

References

https://vuldb.com/?id.328049
vdb-entrytechnical-description
https://vuldb.com/?ctiid.328049
signaturepermissions-required
https://vuldb.com/?submit.661363
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

jTag Labs (VulDB User)
JSON
.