{"id":16899,"date":"2020-07-20T17:02:04","date_gmt":"2020-07-20T09:02:04","guid":{"rendered":"https:\/\/version-2.com\/?p=16899"},"modified":"2022-03-07T15:09:54","modified_gmt":"2022-03-07T07:09:54","slug":"ripple20-mixed-results-in-scadafences-exploitability-lab-tests","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2020\/07\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\/","title":{"rendered":"Ripple20: Mixed Results in SCADAfence’s Exploitability Lab Tests"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

\"\"<\/p>\n

As part of our mission to secure the world\u2019s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack techniques.<\/p>\n

Ripple20 are 19 vulnerabilities revealed by Israeli firm JSOF that affect millions of OT and IOT devices. The vulnerabilities reside in a TCP\/IP stack developed by Treck, Inc. The TCP\/IP stack is widely used by manufacturers in the OT and IoT industries and thus affects a tremendous amount of devices.<\/p>\n

Among the affected devices are Cisco Routers, HP Printers, Digi IoT devices, PLCs by Rockwell Automation and many more. Official advisories by companies who confirmed having affected devices can be found here, in the \u201cMore Information\u201d section.<\/p>\n

The most critical vulnerabilities are three that can cause a stable Remote Code Execution (CVE-2020-11896, CVE-2020-11897, CVE-2020-11901) and another that can cause the target device\u2019s memory heap to be leaked (CVE-2020-11898).<\/p>\n

On behalf of our customers, we set out to explore the real impact of these vulnerabilities, which we\u2019re now sharing with the public.<\/p>\n

The research has been conducted by researchers Maayan Fishelov and Dan Haim, and has been managed by SCADAfence\u2019s Co-Founder and CTO, Ofer Shaked.<\/p>\n

Exploitability Research
We set out to check the exploitability of these vulnerabilities, starting with CVE-2020-11898 (the heap memory leak vulnerability), one of the 19 published vulnerabilities.<\/p>\n

We created a Python POC script that is based on JSOF official whitepaper for this vulnerability. According to JSOF, the implementation is very similar to CVE-2020-11896, which is an RCE vulnerability that is described in the whitepaper. Also mentioned about the RCE vulnerability: \u201cVariants of this Issue can be triggered to cause a Denial of Service or a persistent Denial of Service, requiring a hard reset.\u201d<\/p>\n

Trial Results:
Test 1 target: Samsung ProXpress printer model SL-M4070FR firmware version V4.00.02.18 MAY-08-2017. This device is vulnerable according to the HP Advisory.<\/p>\n

Test 1 result: The printer\u2019s network crashed and required a hard reset to recover. We were unable to reproduce the heap memory leak as described, and this vulnerability would have been tagged as unauthenticated remote DoS instead, on this specific printer.<\/p>\n

Test 2 target: HP printer model M130fw. This device is vulnerable according to the HP Advisory.<\/p>\n

Test 2 result: Although reported as vulnerable by the manufacturer, we were unable to reproduce the vulnerability, and we believe that this device isn\u2019t affected by this vulnerability. We believe that\u2019s because the IPinIP feature isn\u2019t enabled on this printer, which we\u2019ve verified with a specially crafted packet.<\/p>\n

Test 3 target: Undisclosed at this stage due to disclosure guidelines. We will reveal this finding in the near future.<\/p>\n

Test 3 result: We found an unreported vendor and device, on which we can use CVE-2020-11898 to remotely leak 368 bytes from the device\u2019s heap, disclosing sensitive information. No patch is available for this device. Due to our strict policy of using Google\u2019s Responsible Disclosure, we\u2019ve reported this to the manufacturer, to allow them to make a patch available prior to the publication date.<\/p>\n

Key Takeaways
We\u2019ve confirmed the exploitability vulnerabilities on our IoT lab devices.<\/p>\n

On the negative side: The vulnerabilities exist on additional products that are unknown to the public. Attackers are likely to use this information gap to attack networks.
On the positive side: Some devices that are reported as affected by the manufacturers are actually not affected, or are affected by other vulnerabilities. It might require attackers to tailor their exploits to specific products, increasing the cost of exploitation, and prevent them from using the vulnerability on products that are reported as vulnerable.<\/p>\n

SCADAfence Research Recommendations
Check your asset inventory and vulnerability assessment solutions for unpatched products affected by Ripple20.
The SCADAfence Platform creates an asset inventory with product and software versions passively and actively, and allows you to manage your CVEs across all embedded and Windows devices.
Prioritize patching or other mitigation measures based on: Exposure to the internet, exposure to insecure networks (business LAN and others), criticality of the asset.
This prioritization can automatically be obtained from tools such as the SCADAfence Platform.
Detect exploitation based on network traffic analysis.
The SCADAfence Platform detects usage of these exploits in network activity by searching for patterns that indicate usage of this vulnerability in the TCP\/IP communications.
If you have any questions or concerns about Ripple20, please contact us and we’ll be happy to assist you and share our knowledge with you or with your security experts.<\/p>\n

<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

About Version 2 Digital<\/h3>

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n

\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

<\/p>\n

About SCADAfence<\/strong>
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT\/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world\u2019s most complex OT networks, including Europe\u2019s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

As part of our mission to secure the world\u2019s OT, IoT an […]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[417,61,99],"tags":[98,418],"class_list":["post-16899","post","type-post","status-publish","format-standard","hentry","category-scadafence","category-press-release","category-year2020","tag-98","tag-scadafence"],"acf":[],"yoast_head":"\nRipple20: Mixed Results in SCADAfence's Exploitability Lab Tests - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests - Version 2\" \/>\n<meta property=\"og:description\" content=\"As part of our mission to secure the world\u2019s OT, IoT an […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-20T09:02:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-07T07:09:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/version-2.com\/wp-content\/uploads\/2020\/07\/Ripple20_SCADAfence-2.jpg\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/07\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Ripple20: Mixed Results in SCADAfence’s Exploitability Lab Tests\",\"datePublished\":\"2020-07-20T09:02:04+00:00\",\"dateModified\":\"2022-03-07T07:09:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/07\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\\\/\"},\"wordCount\":759,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/Ripple20_SCADAfence-2.jpg\",\"keywords\":[\"2020\",\"SCADAfence\"],\"articleSection\":[\"SCADAfence\",\"Press Release\",\"2020\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2020\\\/07\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\\\/\",\"url\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\",\"name\":\"Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/Ripple20_SCADAfence-2.jpg\",\"datePublished\":\"2020-07-20T09:02:04+00:00\",\"dateModified\":\"2022-03-07T07:09:54+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage\",\"url\":\"https:\\\/\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/Ripple20_SCADAfence-2.jpg\",\"contentUrl\":\"https:\\\/\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/07\\\/Ripple20_SCADAfence-2.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.scadafence.com\\\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ripple20: Mixed Results in SCADAfence’s Exploitability Lab Tests\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests","og_locale":"zh_HK","og_type":"article","og_title":"Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests - Version 2","og_description":"As part of our mission to secure the world\u2019s OT, IoT an […]","og_url":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests","og_site_name":"Version 2","article_published_time":"2020-07-20T09:02:04+00:00","article_modified_time":"2022-03-07T07:09:54+00:00","og_image":[{"url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/07\/Ripple20_SCADAfence-2.jpg","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"6 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#article","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/2020\/07\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Ripple20: Mixed Results in SCADAfence’s Exploitability Lab Tests","datePublished":"2020-07-20T09:02:04+00:00","dateModified":"2022-03-07T07:09:54+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/zh\/2020\/07\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\/"},"wordCount":759,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage"},"thumbnailUrl":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/07\/Ripple20_SCADAfence-2.jpg","keywords":["2020","SCADAfence"],"articleSection":["SCADAfence","Press Release","2020"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/zh\/2020\/07\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests\/","url":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests","name":"Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage"},"image":{"@id":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage"},"thumbnailUrl":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/07\/Ripple20_SCADAfence-2.jpg","datePublished":"2020-07-20T09:02:04+00:00","dateModified":"2022-03-07T07:09:54+00:00","breadcrumb":{"@id":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#primaryimage","url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/07\/Ripple20_SCADAfence-2.jpg","contentUrl":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/07\/Ripple20_SCADAfence-2.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.scadafence.com\/ripple20-mixed-results-in-scadafences-exploitability-lab-tests#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Ripple20: Mixed Results in SCADAfence’s Exploitability Lab Tests"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-4oz","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/16899","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=16899"}],"version-history":[{"count":11,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/16899\/revisions"}],"predecessor-version":[{"id":44230,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/16899\/revisions\/44230"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=16899"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=16899"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=16899"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}