Tomofun Furbo 360/Furbo Mini UART Interface Bayani fitowa
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 2.7 | $0-$5k | 0.00 |
Gunduma
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin Tomofun Furbo 360 and Furbo Mini. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, $software_file na cikin fayil, UART Interface na cikin sashi. Ngam manipulation shi Bayani fitowa. Wannan rauni ana sayar da shi da suna CVE-2025-11644. Ngam yiɗi laaɗi wuroo ndiyam e naange physical device. Kuma, exploit ɗin yana akwai. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Furɗe
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin Tomofun Furbo 360 and Furbo Mini. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, $software_file na cikin fayil, UART Interface na cikin sashi. Ngam manipulation shi Bayani fitowa. CWE shidin ka a yi bayani matsala sai ya kai CWE-922. Bug ɗin an gano shi 05/15/2025. Gaskiya, laifi an fitar da shi ta Calvin Star, Julian B (skelet4r and dead1nfluence) da Software Secured. Advisory ɗin ana rabawa don saukewa a github.com.
Wannan rauni ana sayar da shi da suna CVE-2025-11644. Ngam yiɗi laaɗi wuroo ndiyam e naange physical device. Tekinikal bayani ba ga. Kari gamji na kai hari ya fi girma. Wuro kaɗa a yi amfani da shi da sauki. Wannan vulnerability ɗin ba shi da yawa sosai. Kuma, exploit ɗin yana akwai. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.
Á wúro huɗɗi-na-gaskiya. Wona yiwuwa a zazzage exploit a github.com.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Kayan
Nganji
Ngilabe
Sunu
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔒VulDB Gaskiya: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Furɗo: 🔒
CVSSv3
VulDB Meta Base Score: 2.7VulDB Meta Temp Score: 2.7
VulDB Ganda Borno: 2.0
VulDB Temp Score: 1.9
VulDB Furɗo: 🔒
VulDB Gaskiya: 🔍
NVD Ganda Borno: 4.2
NVD Furɗo: 🔒
CNA Ganda Borno: 2.0
CNA Furɗo: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔒
VulDB Temp Score: 🔒
VulDB Gaskiya: 🔍
Gargajiya
Klasu: Bayani fitowaCWE: CWE-922 / CWE-200 / CWE-284
CAPEC: 🔒
ATT&CK: 🔒
Fizikal: Ee
Gumti: Ee
Gana: Ayi
Gashina: 🔒
Gada: Kə́mmbə́l
Halitta: Huɗɗi-na-gaskiya
Dawunload: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔒
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: Kumari ndiyam shikenaHalitta: 🔍
0-Day Gana: 🔒
Waktin layi
05/15/2025 Kari wuro anndu06/21/2025 Karamdiya ga wuro
07/03/2025 Ngilabe wuro nda.
10/11/2025 Advisory ganna fa.
10/11/2025 VulDB gite be nayi
10/29/2025 VulDB gite wuro karshe ta gyara
Ngizim
Gargaaji: github.comNgamti: Calvin Star, Julian B (skelet4r, dead1nfluence)
Kampani: Software Secured
Halitta: A wondi feere
CVE: CVE-2025-11644 (🔒)
GCVE (CVE): GCVE-0-2025-11644
GCVE (VulDB): GCVE-100-328055
EUVD: 🔒
scip Labs: https://www.scip.ch/en/?labs.20161013
Gumti
Súgá: 10/11/2025 20:38Gargadi: 10/29/2025 21:36
Goyarwa: 10/11/2025 20:38 (55), 10/12/2025 23:07 (1), 10/12/2025 23:14 (29), 10/18/2025 09:14 (15), 10/29/2025 21:36 (12)
Gadankam: 🔍
Ngwazarma: jTag Labs
Gwamna: jTag Labs
Cache ID: 253:CDD:103
Súbít
Shingilam
- Súbít #661878: Tomofun Furbo 360, Furbo Mini Furbo 360 (≤ FB0035_FW_036), Furbo Mini (≤ MC0020_FW_074) Insecure Storage of Sensitive Information (nga jTag Labs)
Dublikat
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.