Prosecution Insights
Last updated: July 05, 2026
Application No. 18/428,318

METHOD FOR IDENTIFYING ONE OR MORE EXPLOITABLE VULNERABILITIES IN DEVICE FIRMWARE OF AN IOT DEVICE

Final Rejection §103
Filed
Jan 31, 2024
Priority
Jan 31, 2023 — EU 23154253.1
Examiner
FISHER, PAUL R
Art Unit
2498
Tech Center
2400 — Computer Networks
Assignee
Onekey GmbH
OA Round
2 (Final)
23%
Grant Probability
At Risk
3-4
OA Rounds
2y 3m
Est. Remaining
47%
With Interview

Examiner Intelligence

Grants only 23% of cases
23%
Career Allowance Rate
114 granted / 490 resolved
-34.7% vs TC avg
Strong +24% interview lift
Without
With
+24.1%
Interview Lift
resolved cases with interview
Typical timeline
4y 9m
Avg Prosecution
12 currently pending
Career history
506
Total Applications
across all art units

Statute-Specific Performance

§101
12.5%
-27.5% vs TC avg
§103
79.4%
+39.4% vs TC avg
§102
5.2%
-34.8% vs TC avg
§112
2.3%
-37.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 490 resolved cases

Office Action

§103
DETAILED ACTION The applicant’s amendment filed on January 6, 2026 has been acknowledged. Claims 1-15, as amended, are currently pending and have been considered below. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Specification The disclosure is objected to because it contains an embedded hyperlink and/or other form of browser-executable code. Applicant is required to delete the embedded hyperlink and/or other form of browser-executable code; references to websites should be limited to the top-level domain name without any prefix such as http:// or other browser-executable code. See MPEP § 608.01. Claim Objections Claim 9 is objected to because of the following informalities: “that the firmware (30) is affected” which appears to be a typo as no additional numbers indicating elements of the drawing are recited in the claims. Appropriate correction is required. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-4, 6, and 8-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Eacmen, III et al. (US 2019/0294802 A1) hereafter Eacmen, in view of Dolan et al. (US 12,075,107 B1) hereafter Dolan, further in view of Hering et al. (US 2011/0119765 A1) hereafter Hering. As per claim 1, Eacmen discloses a computer-implemented method for identifying one or more exploitable vulnerabilities in device firmware of an IoT device (Eacmen Abstract; discloses the invention is for detecting firmware threats. Specifically receiving firmware images, analyzing those images and identifying vulnerabilities. Page 4, paragraphs [0051]-[0053]; disclose that the invention is carried out by a computer which contains a processor and memory for carrying out the instructions. Page 1, paragraph [0011]; discloses that the devices being analyzed include Internet-of-Things (IoT) devices ), the method comprising: receiving an image of the device firmware (Eacmen Page 2, paragraph [0020]; discloses receiving an image of the device firmware); analyzing the image to determine software components of the device firmware, and associated properties of the firmware (Eacmen Page 2, paragraph [0026]; discloses analyzing the components of the image to determine the properties of the firmware. Specifically which components match the database); accessing at least one of an external database or an internal database, wherein the at least one of an external database or an internal database comprise recorded details of the one or more vulnerabilities of the software components (Eacmen Page 2, paragraph [0026]; discloses that a database is accessed and used to compare the analyzed data to components in the database. Page 2, paragraph [0021]; discloses that the database is either internal or external. Page 3, paragraph [0034]; discloses that details of the vulnerabilities of each software components are stored and used to match the analyzed image); filtering the recorded details using the associated properties (Eacmen Page 3, paragraph [0037]; discloses that the identified or determined items are filtered out. Page 4, paragraph [0050]; discloses that the identified items which match the database records are filtered out and displayed). Eacmen additionally discloses determining the recorded details whose prerequisites match with the properties of the firmware (Eacmen Page 3, paragraph [0032]-[0034]; discloses that the system analyzes the firmware to determine the version of the firmware and what the current version of the firmware is on the component). While Eacmen discusses pushing firmware images which are determined to address the vulnerabilities, it is not explicit that it downloads the filtered ones of the recorded details. Additionally Eacmen fails to explicitly disclose filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. Dolan, which like Eacmen discusses updating firmware, teaches downloading the filtered ones of the recorded details (Dolan Col. 11, line 19-33; teaches that update information is filtered by version number, serial number range, device type and model numbers as well as other information. By filtering which firmware applies and which needs to be updated the system can display which updates applies and allow the user to download them. As shown in Dolan this allows the device to download the update rather than taking up storage space before the device is ready to be updated). Eacmen discloses identifying one or more exploitable vulnerabilities in device firmware of an IoT device. Eacmen receives an image of the device firmware and analyzes the image to determine software components of the device firmware, and associated properties of the firmware. Eacmen discloses accessing at least one of an external database or an internal database, wherein the at least one of an external database or an internal database comprise recorded details of the one or more vulnerabilities of the software components and filtering the recorded details using the associated properties. While Eacmen discusses pushing firmware images which are determined to address the vulnerabilities, it is not explicit that it downloads the filtered ones of the recorded details. Dolan teaches downloading the filtered ones of the recorded details. It would have been obvious to one of ordinary skill in the art to include in the system for identifying one or more exploitable vulnerabilities in device firmware of an IoT device of Eacmen the ability to download the filtered ones of the recorded details as taught by Dolan since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Dolan, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the method of identifying one or more exploitable vulnerabilities provided by Eacmen, with the ability to download the filtered ones of the recorded details as taught by Dolan, for the purposes of allowing the firmware to be downloaded when needed rather than stored. As shown in Dolan this allows the device to download the update rather than taking up storage space before the device is ready to be updated. The combination fails to explicitly disclose filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. Hering, which like the combination talks about evaluating firmware, teaches filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities (Hering page 3, paragraphs [0028]-[0029]; teaches that it is known to filter the recorded details based on matching the version of the firmware with prerequisites those versions indicated having vulnerabilities. When the match is made it is determined that the firmware is affected by the vulnerabilities. The server only provides the information which match the prerequisite values. The Examiner asserts this is consistent with the applicant’s originally filed specification paragraph [0056]. Since the combination already establishes determining the version number of firmware it would have been obvious to compare that version information with a list of prerequisites to quickly determine if it vulnerable as shown in Hering). Eacmen discloses identifying one or more exploitable vulnerabilities in device firmware of an IoT device. Eacmen receives an image of the device firmware and analyzes the image to determine software components of the device firmware, and associated properties of the firmware. Eacmen discloses accessing at least one of an external database or an internal database, wherein the at least one of an external database or an internal database comprise recorded details of the one or more vulnerabilities of the software components and filtering the recorded details using the associated properties. Dolan teaches downloading the filtered ones of the recorded details. While Eacmen discusses determining the version of the firmware in the component, it fails explicitly disclose filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. Hering teaches filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. It would have been obvious to one of ordinary skill in the art to include in the system for identifying one or more exploitable vulnerabilities in device firmware of an IoT device of Eacmen and Dolan the ability to filter the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities as taught by Hering since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Hering, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the method of identifying one or more exploitable vulnerabilities provided by Eacmen and Dolan, with the ability to filter the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities as taught by Hering, for the purposes of identifying versions of the firmware which are vulnerable. Since the combination already establishes determining the version number of firmware it would have been obvious to compare that version information with a list of prerequisites to quickly determine if it vulnerable as shown in Hering. As per claim 2, the combination of Eacmen, Dolan and Hering teaches the computer-implemented method of claim 1; Dolan further teaches wherein the downloaded filtered ones of the recorded details are displayed on a display device (Dolan Col. 11, line 19-33; teaches that update information is filtered by version number, serial number range, device type and model numbers as well as other information. Col. 14, lines 28-34; teaches that the system can provide updates or display updates which can be downloaded). As per claim 3, the combination of Eacmen, Dolan and Hering teaches the computer-implemented method of claim 1; Dolan further teaches wherein the associated properties are at least one of recorded version numbers of the software components, interacting ones of the software components, device architecture, and configuration of the device firmware (Dolan Col. 11, line 19-33; teaches that update information is filtered by version number, serial number range, device type and model numbers as well as other information). As per claim 4, the combination of Eacmen, Dolan and Hering teaches the computer-implemented method of claim 1; Dolan further teaches wherein the filtering is based on the version numbers of the software components in the IoT device and the downloading of the recorded details is performed when the version numbers are identical (Dolan Col. 11, line 19-33; teaches that update information is filtered by version number, serial number range, device type and model numbers as well as other information. Col. 16, lines 7-22; teaches that vulnerabilities can be brought about by a specific version number and the solution to roll back to a previous firmware). As per claim 6, the combination of Eacmen, Dolan and Hering teaches the computer-implemented method of claim 1; Hering further discloses wherein the sets of prerequisites comprise information about hardware components, settings, configuration or architecture of the device (Hering page 3, paragraphs [0028]-[0029]; teaches that it is known to filter the recorded details based on matching the version of the firmware. In this case the prerequisite is the version of the firmware which is information about the hardware component). Eacmen establishes that the device is an IoT device (Page 1, paragraph [0011]; discloses that the devices being analyzed include Internet-of-Things (IoT) devices). As per claim 8, the combination of Eacmen, Dolan and Hering teaches the computer-implemented method of claim 1; Eacmen further discloses wherein the filtering is based on a vulnerability score S indicating a degree of exploitability of the one or more vulnerabilities (Eacmen Page 4, paragraph [0050]; discloses that the filtering can include a vulnerability score which indicates a level of risk or degree of exploitability). As per claim 9, Eacmen discloses a system for identifying one or more exploitable vulnerabilities in device firmware of an IoT device (Eacmen Abstract; discloses the invention is for detecting firmware threats. Specifically receiving firmware images, analyzing those images and identifying vulnerabilities. Page 4, paragraphs [0051]-[0053]; disclose that the invention is carried out by a computer which contains a processor and memory for carrying out the instructions. Page 1, paragraph [0011]; discloses that the devices being analyzed include Internet-of-Things (IoT) devices), the system comprising: at least one of an internal database for storing recorded details of the one or more vulnerabilities and an external database for storing recorded details of the one or more vulnerabilities of software components of the device firmware (Eacmen Page 2, paragraph [0026]; discloses that a database is accessed and used to compare the analyzed data to components in the database. Page 2, paragraph [0021]; discloses that the database is either internal or external. Page 3, paragraph [0034]; discloses that details of the vulnerabilities of each software components are stored and used to match the analyzed image); and a processor for (Eacmen Page 4, paragraphs [0051]-[0053]; disclose that the invention is carried out by a computer which contains a processor and memory for carrying out the instructions) analyzing an image of the device firmware to determine the software components of the device firmware, and associated properties of the firmware (Eacmen Page 2, paragraph [0026]; discloses analyzing the components of the image to determine the properties of the firmware. Specifically which components match the database); accessing at least one of the internal database and the external database (Eacmen Page 2, paragraph [0026]; discloses that a database is accessed and used to compare the analyzed data to components in the database. Page 2, paragraph [0021]; discloses that the database is either internal or external. Page 3, paragraph [0034]; discloses that details of the vulnerabilities of each software components are stored and used to match the analyzed image); filtering the recorded details using the associated properties (Eacmen Page 3, paragraph [0037]; discloses that the identified or determined items are filtered out. Page 4, paragraph [0050]; discloses that the identified items which match the database records are filtered out and displayed) Eacmen additionally discloses determining the recorded details whose prerequisites match with the properties of the firmware (Eacmen Page 3, paragraph [0032]-[0034]; discloses that the system analyzes the firmware to determine the version of the firmware and what the current version of the firmware is on the component). While Eacmen discusses pushing firmware images which are determined to address the vulnerabilities, it is not explicit that it downloads the filtered ones of the recorded details. Additionally Eacmen fails to explicitly disclose filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. Dolan, which like Eacmen discusses updating firmware, teaches downloading the filtered ones of the recorded details (Dolan Col. 11, line 19-33; teaches that update information is filtered by version number, serial number range, device type and model numbers as well as other information. By filtering which firmware applies and which needs to be updated the system can display which updates applies and allow the user to download them. As shown in Dolan this allows the device to download the update rather than taking up storage space before the device is ready to be updated). Eacmen discloses identifying one or more exploitable vulnerabilities in device firmware of an IoT device. Eacmen receives an image of the device firmware and analyzes the image to determine software components of the device firmware, and associated properties of the firmware. Eacmen discloses accessing at least one of an external database or an internal database, wherein the at least one of an external database or an internal database comprise recorded details of the one or more vulnerabilities of the software components and filtering the recorded details using the associated properties. While Eacmen discusses pushing firmware images which are determined to address the vulnerabilities, it is not explicit that it downloads the filtered ones of the recorded details. Dolan teaches downloading the filtered ones of the recorded details. It would have been obvious to one of ordinary skill in the art to include in the system for identifying one or more exploitable vulnerabilities in device firmware of an IoT device of Eacmen the ability to download the filtered ones of the recorded details as taught by Dolan since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Dolan, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the method of identifying one or more exploitable vulnerabilities provided by Eacmen, with the ability to download the filtered ones of the recorded details as taught by Dolan, for the purposes of allowing the firmware to be downloaded when needed rather than stored. As shown in Dolan this allows the device to download the update rather than taking up storage space before the device is ready to be updated. The combination fails to explicitly disclose filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. Hering, which like the combination talks about evaluating firmware, teaches filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities (Hering page 3, paragraphs [0028]-[0029]; teaches that it is known to filter the recorded details based on matching the version of the firmware with prerequisites those versions indicated having vulnerabilities. When the match is made it is determined that the firmware is affected by the vulnerabilities. The server only provides the information which match the prerequisite values. The Examiner asserts this is consistent with the applicant’s originally filed specification paragraph [0056]. Since the combination already establishes determining the version number of firmware it would have been obvious to compare that version information with a list of prerequisites to quickly determine if it vulnerable as shown in Hering). Eacmen discloses identifying one or more exploitable vulnerabilities in device firmware of an IoT device. Eacmen receives an image of the device firmware and analyzes the image to determine software components of the device firmware, and associated properties of the firmware. Eacmen discloses accessing at least one of an external database or an internal database, wherein the at least one of an external database or an internal database comprise recorded details of the one or more vulnerabilities of the software components and filtering the recorded details using the associated properties. Dolan teaches downloading the filtered ones of the recorded details. While Eacmen discusses determining the version of the firmware in the component, it fails explicitly disclose filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. Hering teaches filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. It would have been obvious to one of ordinary skill in the art to include in the system for identifying one or more exploitable vulnerabilities in device firmware of an IoT device of Eacmen and Dolan the ability to filter the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities as taught by Hering since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Hering, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the method of identifying one or more exploitable vulnerabilities provided by Eacmen and Dolan, with the ability to filter the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities as taught by Hering, for the purposes of identifying versions of the firmware which are vulnerable. Since the combination already establishes determining the version number of firmware it would have been obvious to compare that version information with a list of prerequisites to quickly determine if it vulnerable as shown in Hering. As per claim 10, the combination of Eacmen, Dolan and Hering teaches the system of claim 9; Dolan further teaches comprising a display device for displaying the downloaded filtered ones of the recorded details (Dolan Col. 11, line 19-33; teaches that update information is filtered by version number, serial number range, device type and model numbers as well as other information. Col. 14, lines 28-34; teaches that the system can provide updates or display updates which can be downloaded). As per claim 11, the combination of Eacmen, Dolan and Hering teaches the system of claim 9; Eacmen further discloses comprising an analysis database for storing details about the determined software components and details about the determined associated properties (Eacmen Page 2, paragraph [0026]; discloses that a database is accessed and used to compare the analyzed data to components in the database. Page 3, paragraph [0034]; discloses that details of the vulnerabilities of each software components are stored and used to match the analyzed image). As per claim 12, the combination of Eacmen, Dolan and Hering teaches the method of claim 1, Eacmen further discloses use of the method of claim 1 for vulnerability analysis of a firmware of an IoT device (Eacmen Page 1, paragraph [0011]; discloses that the devices being analyzed include Internet-of-Things (IoT) devices). As per claim 13, the combination of Eacmen, Dolan and Hering teaches the method of claim 1, Eacmen further discloses a data processing apparatus comprising a processor for carrying out the method of claim 1 (Eacmen Page 4, paragraphs [0051]-[0053]; disclose that the invention is carried out by a computer which contains a processor and memory for carrying out the instructions). As per claim 14, the combination of Eacmen, Dolan and Hering teaches the method of claim 1, Eacmen further discloses a computer program comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method of claim 1 (Eacmen Page 4, paragraphs [0051]-[0053]; disclose that the invention is carried out by a computer which contains a processor and memory for carrying out the instructions). As per claim 15, the combination of Eacmen, Dolan and Hering teaches the method of claim 1, Eacmen further discloses a computer-readable medium comprising instructions which, when executed by a computer, cause the computer to carry out the method of claim 1 (Eacmen Page 4, paragraphs [0051]-[0053]; disclose that the invention is carried out by a computer which contains a processor and memory for carrying out the instructions). Claim(s) 5 and 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Eacmen, III et al. (US 2019/0294802 A1) hereafter Eacmen, in view of Dolan et al. (US 12,075,107 B1) hereafter Dolan, further in view of Hering et al. (US 2011/0119765 A1) hereafter Hering, further in view of Dahlstrom et al. (US 2004/0006704 A1) hereafter Dahlstrom. As per claim 5, the combination of Eacmen, Dolan and Hering teaches the computer-implemented method of claim 1; the combination fails to explicitly disclose wherein the internal database comprises links to work-arounds for the one or more vulnerabilities. Dahlstrom, which like the combination talks about handling software vulnerabilities, teaches wherein the internal database comprises links to work-arounds for the one or more vulnerabilities (Dahlstrom Page 2, paragraphs [0024]-[0025]; teaches it is known for the system to include in the database work arounds for one or more vulnerabilities. As shown in in Dahlstrom providing this information stored in the database helps make recommendations to prevent, reduce or avoid the circumstances associated with the vulnerability). Eacmen discloses identifying one or more exploitable vulnerabilities in device firmware of an IoT device. Eacmen receives an image of the device firmware and analyzes the image to determine software components of the device firmware, and associated properties of the firmware. Eacmen discloses accessing at least one of an external database or an internal database, wherein the at least one of an external database or an internal database comprise recorded details of the one or more vulnerabilities of the software components and filtering the recorded details using the associated properties. Dolan teaches downloading the filtered ones of the recorded details. Hering teaches filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. However the combination fails to establish wherein the internal database comprises links to work-arounds for the one or more vulnerabilities. Dahlstrom teaches wherein the internal database comprises links to work-arounds for the one or more vulnerabilities. It would have been obvious to one of ordinary skill in the art to include in the system for identifying one or more exploitable vulnerabilities in device firmware of an IoT device of Eacmen, Dolan and Hering the ability to include in the database links to work-arounds for the one or more vulnerabilities as taught by Dahlstrom since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Dahlstrom, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the method of identifying one or more exploitable vulnerabilities provided by Eacmen, Dolan and Hering, with the ability to include in the database links to work-arounds for the one or more vulnerabilities as taught by Dahlstrom, for the purposes of preventing or reducing the risk of vulnerabilities. As shown in in Dahlstrom providing this information stored in the database helps make recommendations to prevent, reduce or avoid the circumstances associated with the vulnerability. As per claim 7, the combination of Eacmen, Dolan and Hering teaches the computer-implemented method of claim 1; the combination however fails to disclose wherein the recorded details include one or more explanations of the vulnerabilities and patches (Dahlstrom Page 2, paragraphs [0024]-[0025]; teaches it is known for the system to include in the database work arounds for one or more vulnerabilities. The database stores additional information such as information about the vulnerabilities and patches. As shown in in Dahlstrom providing this information stored in the database helps make recommendations to prevent, reduce or avoid the circumstances associated with the vulnerability). Eacmen discloses identifying one or more exploitable vulnerabilities in device firmware of an IoT device. Eacmen receives an image of the device firmware and analyzes the image to determine software components of the device firmware, and associated properties of the firmware. Eacmen discloses accessing at least one of an external database or an internal database, wherein the at least one of an external database or an internal database comprise recorded details of the one or more vulnerabilities of the software components and filtering the recorded details using the associated properties. Dolan teaches downloading the filtered ones of the recorded details. Hering teaches filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding the one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities. However the combination fails to establish wherein the recorded details include one or more explanations of the vulnerabilities and patches. Dahlstrom teaches wherein the recorded details include one or more explanations of the vulnerabilities and patches. It would have been obvious to one of ordinary skill in the art to include in the system for identifying one or more exploitable vulnerabilities in device firmware of an IoT device of Eacmen, Dolan and Hering the ability for the recorded details to include one or more explanations of the vulnerabilities and patches as taught by Dahlstrom since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable. Therefore, from this teaching of Dahlstrom, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the method of identifying one or more exploitable vulnerabilities provided by Eacmen, Dolan and Hering the ability for the recorded details to include one or more explanations of the vulnerabilities and patches as taught by Dahlstrom, for the purposes of preventing or reducing the risk of vulnerabilities. As shown in in Dahlstrom providing this information stored in the database helps make recommendations to prevent, reduce or avoid the circumstances associated with the vulnerability. Response to Arguments Applicant's arguments filed January 6, 2026 have been fully considered but they are not persuasive. Applicant's arguments with respect to claims 1-15 have been considered but are moot in view of the new ground(s) of rejection. Specifically the arguments regarding the newly amended material that "filtering the recorded details using the associated properties by retaining only the recorded details whose prerequisites match with the properties of the firmware, wherein it is necessary that the firmware fulfils the prerequisites comprised by the recorded details regarding one of the vulnerabilities to conclude that the firmware is affected by this one of the vulnerabilities" are moot in view of the new grounds of rejection. Specifically the Examiner has cited the Hering reference to address these newly amended limitations. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to PAUL R FISHER whose telephone number is (571)270-5097. The examiner can normally be reached Monday - Friday 9 am to 5:30 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached at (571)272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. PAUL R. FISHER Primary Examiner Art Unit 2498 /PAUL R FISHER/ Primary Examiner, Art Unit 2498 4/29/2026
Read full office action

Prosecution Timeline

Jan 31, 2024
Application Filed
Oct 01, 2025
Non-Final Rejection mailed — §103
Jan 06, 2026
Response Filed
May 04, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12671698
DETECTING AND ALERTING ON DOMAIN FRONTING WITHIN A NETWORK
3y 5m to grant Granted Jun 30, 2026
Patent 12657486
COMPUTER-READABLE RECORDING MEDIUM STORING EVALUATION PROGRAM, EVALUATION METHOD, AND INFORMATION PROCESSING DEVICE
4y 1m to grant Granted Jun 16, 2026
Patent 12619718
DETECTION AND PREVENTION OF LOGIN ATTACKS
2y 1m to grant Granted May 05, 2026
Patent 12598182
PEER-TO-PEER SECURE MODE AUTHENTICATION
3y 1m to grant Granted Apr 07, 2026
Patent 12587393
SYSTEM FOR DIAGNOSIS OF A VEHICLE AND METHOD THEREOF
2y 11m to grant Granted Mar 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
23%
Grant Probability
47%
With Interview (+24.1%)
4y 9m (~2y 3m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 490 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month