Tomofun Furbo 360/Furbo Mini Bluetooth Low Energy karkarabe nderi encryption

CVSS Meta Temp ScoreGarga na exploit ndiyam (≈)CTI Nganji Score
3.8$0-$5k0.10

Gundumabayani

Hakika vulnerability da aka rarraba a matsayin karshewa an gano a Tomofun Furbo 360 and Furbo Mini. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil $software_file, a cikin sashi Bluetooth Low Energy. Wuro manipulation ga karkarabe nderi encryption. Ana kiran wannan rauni da CVE-2025-11640. Wannan hari ba zai yi nasara ba sai an samu damar shiga local network. Kuma, akwai exploit. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Furɗebayani

Hakika vulnerability da aka rarraba a matsayin karshewa an gano a Tomofun Furbo 360 and Furbo Mini. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil $software_file, a cikin sashi Bluetooth Low Energy. Wuro manipulation ga karkarabe nderi encryption. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-319. An gano kuskuren nan 05/15/2025. Lalle, rauni an sanar da shi daga Calvin Star, Julian B (skelet4r and dead1nfluence) tare da Software Secured.

Ana kiran wannan rauni da CVE-2025-11640. Wannan hari ba zai yi nasara ba sai an samu damar shiga local network. Bayani na fasaha ba ga. Wahalhalun kai hari sun yi yawa. Wanda zai yi amfani da shi zai sha wahala. Wannan vulnerability ɗin ba a san shi sosai ba. Kuma, akwai exploit. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.

Á yí huɗɗi-na-gaskiya.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Kayanbayani

Nganji

Ngilabe

Sunu

CPE 2.3bayani

CPE 2.2bayani

CVSSv4bayani

VulDB Furɗo: 🔒
VulDB Gaskiya: 🔍

CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Furɗo: 🔒

CVSSv3bayani

VulDB Meta Base Score: 3.8
VulDB Meta Temp Score: 3.8

VulDB Ganda Borno: 3.1
VulDB Temp Score: 3.0
VulDB Furɗo: 🔒
VulDB Gaskiya: 🔍

NVD Ganda Borno: 5.3
NVD Furɗo: 🔒

CNA Ganda Borno: 3.1
CNA Furɗo: 🔒

CVSSv2bayani

AVACAuCIA
💳💳💳💳💳💳
💳💳💳💳💳💳
💳💳💳💳💳💳
VektarKumpleksitiAuthentisierungKariyandiGaskiyaGashina
furufurufurufurufurufuru
furufurufurufurufurufuru
furufurufurufurufurufuru

VulDB Ganda Borno: 🔒
VulDB Temp Score: 🔒
VulDB Gaskiya: 🔍

Gargajiyabayani

Klasu: Karkarabe nderi encryption
CWE: CWE-319 / CWE-310
CAPEC: 🔒
ATT&CK: 🔒

Fizikal: Ayi
Gumti: Ayi
Gana: Kumgana

Gashina: 🔒
Gada: Kə́mmbə́l
Halitta: Huɗɗi-na-gaskiya

EPSS Score: 🔒
EPSS Percentile: 🔒

Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔒

0-Dayfurufurufurufuru
Lalefurufurufurufuru

Bayani na barazanabayani

Ngam: 🔍
Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍

Kari gamjibayani

Garga: Kumari ndiyam shikena
Halitta: 🔍

0-Day Gana: 🔒

Waktin layibayani

05/15/2025 Kari wuro anndu
06/21/2025 +37 Hənde Karamdiya ga wuro
07/03/2025 +11 Hənde Ngilabe wuro nda.
10/11/2025 +99 Hənde Advisory ganna fa.
10/11/2025 +0 Hənde VulDB gite be nayi
10/29/2025 +18 Hənde VulDB gite wuro karshe ta gyara

Ngizimbayani

Ngamti: Calvin Star, Julian B (skelet4r, dead1nfluence)
Kampani: Software Secured
Halitta: A wondi feere

CVE: CVE-2025-11640 (🔒)
GCVE (CVE): GCVE-0-2025-11640
GCVE (VulDB): GCVE-100-328051
EUVD: 🔒
scip Labs: https://www.scip.ch/en/?labs.20161013

Gumtibayani

Súgá: 10/11/2025 20:38
Gargadi: 10/29/2025 21:36
Goyarwa: 10/11/2025 20:38 (51), 10/12/2025 20:25 (29), 10/12/2025 21:38 (1), 10/17/2025 07:50 (8), 10/17/2025 07:51 (8), 10/17/2025 07:53 (5), 10/29/2025 21:36 (12)
Gadankam: 🔍
Ngwazarma: jTag Labs
Gwamna: jTag Labs
Cache ID: 253:9FC:103

Súbítbayani

Shingilam

  • Súbít #661374: Tomofun Furbo 360, Furbo Mini Furbo 360 (≤ FB0035_FW_036), Furbo Mini (≤ MC0020_FW_074) Plaintext Transmission of Sensitive Information (nga jTag Labs)

Ganaaji

A ga wuroyo kulu. Kàlàmbe: kr + en.

Ngam loga ka, kanyi shidin dum.

GurɗoGumtiGada

Might our Artificial Intelligence support you?

Check our Alexa App!