CVE-2025-11637

4.3 MEDIUM

📋 TL;DR

A race condition vulnerability exists in the Audio Handler component of Tomofun Furbo 360 devices up to firmware version FB0035_FW_036. This allows remote attackers to potentially manipulate audio functions through timing-based attacks. All users of affected Furbo 360 pet cameras with vulnerable firmware are impacted.

💻 Affected Systems

Products:
  • Tomofun Furbo 360
Versions: Up to firmware version FB0035_FW_036
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running vulnerable firmware versions are affected. The specific Audio Handler function impacted is unknown.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote attacker gains unauthorized access to audio functions, potentially enabling eavesdropping, denial of service, or manipulation of device audio features.

🟠 Likely Case

Audio functionality disruption or unexpected behavior during concurrent audio operations, potentially affecting device reliability.

🟢 If Mitigated

Minimal impact with proper network segmentation and access controls limiting exposure to trusted networks only.

🌐 Internet-Facing: HIGH - Attack can be carried out remotely without authentication, making internet-exposed devices particularly vulnerable.
🏢 Internal Only: MEDIUM - Internal network exposure still presents risk from compromised internal hosts or malicious insiders.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Race condition exploitation requires precise timing and may be challenging to execute reliably. No public exploit code is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware version after FB0035_FW_036

Vendor Advisory: No vendor advisory available - vendor did not respond to disclosure

Restart Required: No

Instructions:

1. Check current firmware version in Furbo app settings.
2. If version is FB0035_FW_036 or earlier, update to latest firmware via the Furbo mobile app.
3. Verify update completes successfully.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate Furbo devices on separate VLAN or network segment to limit attack surface

Disable Remote Access

all

Limit device access to local network only if remote features are not required

🧯 If You Can't Patch

  • Segment device on isolated network with strict firewall rules
  • Monitor network traffic to/from device for unusual audio-related patterns

🔍 How to Verify

Check if Vulnerable:

Check firmware version in Furbo mobile app: Settings > Device Info > Firmware Version. If version is FB0035_FW_036 or lower, device is vulnerable.

Check Version:

No CLI command available - check via Furbo mobile app interface

Verify Fix Applied:

After updating, verify firmware version shows higher than FB0035_FW_036 in the Furbo app settings.

📡 Detection & Monitoring

Log Indicators:

  • Multiple rapid audio function calls
  • Audio handler error messages
  • Unexpected audio state changes

Network Indicators:

  • Unusual timing patterns in audio-related network traffic
  • Multiple concurrent connections to audio ports

SIEM Query:

No specific SIEM query available due to proprietary nature of device logging
