var-202006-0006
Vulnerability from variot
The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information. Ignition Is Inductive Automation Industrial software provided by. Ignition Is vulnerable to several vulnerabilities: * Lack of authentication for important features (CWE-306) - CVE-2020-12004, CVE-2020-14479 * Deserialize untrusted data (CWE-502) - CVE-2020-10644, CVE-2020-12000The expected impact depends on each vulnerability, but it may be affected as follows. * Confidential information is stolen by a remote third party because authentication is not performed when requesting a query to the server - CVE-2020-12004, CVE-2020-14479 * Inadequate validation of serialized data deserializes untrusted data provided by a remote third party and executes arbitrary code with system privileges - CVE-2020-10644, CVE-2020-12000. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.The specific flaw exists with the handling of project diffs. An attacker can leverage this to execute code in the context of SYSTEM. The platform supports SCADA (Data Acquisition and Monitoring System), HMI (Human Machine Interface), etc. Attackers can use this vulnerability to obtain sensitive information
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "ignition gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "inductiveautomation",
"version": "7.9.14"
},
{
"_id": null,
"model": "ignition gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "inductiveautomation",
"version": "7.2.4.48"
},
{
"_id": null,
"model": "ignition gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "inductiveautomation",
"version": "8.0.10"
},
{
"_id": null,
"model": "ignition gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "inductiveautomation",
"version": "8.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "ignition gateway",
"version": "*"
},
{
"_id": null,
"model": "ignition",
"scope": "eq",
"trust": 0.8,
"vendor": "inductive automation",
"version": "8.0.10"
},
{
"_id": null,
"model": "ignition",
"scope": null,
"trust": 0.7,
"vendor": "inductive automation",
"version": null
},
{
"_id": null,
"model": "automation ignition",
"scope": "lt",
"trust": 0.6,
"vendor": "inductive",
"version": "8.0.10"
},
{
"_id": null,
"model": "automation ignition",
"scope": "lt",
"trust": 0.6,
"vendor": "inductive",
"version": "7.9.14"
}
],
"sources": [
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3"
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc"
},
{
"db": "ZDI",
"id": "ZDI-20-686"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "NVD",
"id": "CVE-2020-10644"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:inductiveautomation:ignition",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
}
]
},
"credits": {
"_id": null,
"data": "Team FLASHBACK: Pedro Ribeiro (pedrib@gmail.com|@pedrib1337) and Radek Domanski (@RabbitPro)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-686"
}
],
"trust": 0.7
},
"cve": "CVE-2020-10644",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-10644",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-34643",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-163143",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-004797",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 1.6,
"userInteraction": "None",
"vectorString": "3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10644",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-004797",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA score",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-004797",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-10644",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "IPA",
"id": "JVNDB-2020-004797",
"trust": 1.6,
"value": "Medium"
},
{
"author": "IPA",
"id": "JVNDB-2020-004797",
"trust": 1.6,
"value": "Critical"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-10644",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2020-10644",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2020-34643",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-1323",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-163143",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3"
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc"
},
{
"db": "ZDI",
"id": "ZDI-20-686"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
},
{
"db": "VULHUB",
"id": "VHN-163143"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1323"
},
{
"db": "NVD",
"id": "CVE-2020-10644"
}
]
},
"description": {
"_id": null,
"data": "The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information. Ignition Is Inductive Automation Industrial software provided by. Ignition Is vulnerable to several vulnerabilities: * Lack of authentication for important features (CWE-306) - CVE-2020-12004, CVE-2020-14479 * Deserialize untrusted data (CWE-502) - CVE-2020-10644, CVE-2020-12000The expected impact depends on each vulnerability, but it may be affected as follows. * Confidential information is stolen by a remote third party because authentication is not performed when requesting a query to the server - CVE-2020-12004, CVE-2020-14479 * Inadequate validation of serialized data deserializes untrusted data provided by a remote third party and executes arbitrary code with system privileges - CVE-2020-10644, CVE-2020-12000. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability.The specific flaw exists with the handling of project diffs. An attacker can leverage this to execute code in the context of SYSTEM. The platform supports SCADA (Data Acquisition and Monitoring System), HMI (Human Machine Interface), etc. Attackers can use this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10644"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "ZDI",
"id": "ZDI-20-686"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
},
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3"
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc"
},
{
"db": "VULHUB",
"id": "VHN-163143"
}
],
"trust": 3.24
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-163143",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163143"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2020-10644",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-147-01",
"trust": 3.1
},
{
"db": "PACKETSTORM",
"id": "158226",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-20-686",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2020-34643",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1323",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU91608150",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-10276",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "46771",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1872",
"trust": 0.6
},
{
"db": "IVD",
"id": "0243ACD1-A6E8-498A-BB1D-677FA500FFE3",
"trust": 0.2
},
{
"db": "IVD",
"id": "0DF72E19-8991-452B-AA9E-DFB4039451CC",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-163143",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3"
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc"
},
{
"db": "ZDI",
"id": "ZDI-20-686"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
},
{
"db": "VULHUB",
"id": "VHN-163143"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1323"
},
{
"db": "NVD",
"id": "CVE-2020-10644"
}
]
},
"id": "VAR-202006-0006",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3"
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
},
{
"db": "VULHUB",
"id": "VHN-163143"
}
],
"trust": 1.83125
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3"
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
}
]
},
"last_update_date": "2024-11-23T21:59:12.805000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Ignition Release Notes",
"trust": 0.8,
"url": "https://inductiveautomation.com/downloads/releasenotes/8.0.10"
},
{
"title": "Inductive Automation has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-147-01"
},
{
"title": "Patch for Inductive Automation Ignition code issue vulnerability (CNVD-2020-34643)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/223069"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-686"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-502",
"trust": 1.9
},
{
"problemtype": "CWE-306",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-163143"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "NVD",
"id": "CVE-2020-10644"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-147-01"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/158226/inductive-automation-ignition-remote-code-execution.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14479"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12004"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10644"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12000"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91608150/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1872/"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-686/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10644"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/46771"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-686"
},
{
"db": "CNVD",
"id": "CNVD-2020-34643"
},
{
"db": "VULHUB",
"id": "VHN-163143"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1323"
},
{
"db": "NVD",
"id": "CVE-2020-10644"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3",
"ident": null
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-20-686",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2020-34643",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-163143",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004797",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1323",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2020-10644",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2020-05-26T00:00:00",
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3",
"ident": null
},
{
"date": "2020-05-26T00:00:00",
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc",
"ident": null
},
{
"date": "2020-06-01T00:00:00",
"db": "ZDI",
"id": "ZDI-20-686",
"ident": null
},
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-34643",
"ident": null
},
{
"date": "2020-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-163143",
"ident": null
},
{
"date": "2020-05-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004797",
"ident": null
},
{
"date": "2020-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1323",
"ident": null
},
{
"date": "2020-06-09T18:15:10.590000",
"db": "NVD",
"id": "CVE-2020-10644",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-06-29T00:00:00",
"db": "ZDI",
"id": "ZDI-20-686",
"ident": null
},
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-34643",
"ident": null
},
{
"date": "2020-06-25T00:00:00",
"db": "VULHUB",
"id": "VHN-163143",
"ident": null
},
{
"date": "2020-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004797",
"ident": null
},
{
"date": "2020-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-1323",
"ident": null
},
{
"date": "2024-11-21T04:55:45.780000",
"db": "NVD",
"id": "CVE-2020-10644",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-1323"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Inductive Automation Made Ignition Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004797"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "0243acd1-a6e8-498a-bb1d-677fa500ffe3"
},
{
"db": "IVD",
"id": "0df72e19-8991-452b-aa9e-dfb4039451cc"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-1323"
}
],
"trust": 1.0
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…