CVE-2021-31882 vulnerability in Siemens Products
Published on November 9, 2021
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)
Weakness Type
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2021-31882 has been classified to as a Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2021-31882
Want to know whenever a new CVE is published for Siemens products? stack.watch will email you.
Affected Versions
Siemens Capital Embedded AR Classic 431-422:- Before * is affected.
- Before V2303 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.