A CVSS score 5.6 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N) severity vulnerability discovered by ‘Jason Matthyser (@pleasew8t) of MWR Labs’ was reported to the affected vendor on: 2018-11-29, 35 days ago. The vendor is given until 2019-03-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.