CVE-2021-31884

CWE-170: IMPROPER NULL TERMINATION
The DHCP client application assumes the data supplied with the “hostname” DHCP option NULL is terminated. In cases when a global hostname variable is not defined, this may lead to out-of-bound reads, out-of-bounds writes, and denial-of-service conditions.

Risk Information

  • CVE ID
  • CVE-2021-31884
  • Vendor
  • Siemens
  • Product
  • Nucleus
  • CVSS v3
  • 8.8