Buffer Overflow Vulnerability in Multiple Siemens Products (CNVD-2021-89442)

Capital VSTAR is a complete solution. the Nucleus NET module integrates a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. the Nucleus RTOS is a microkernel-based real-time operating system. A buffer overflow vulnerability exists in several Siemens products, which stems from a DHCP client application that does not validate the length of the domain name server IP option (0x06) when processing DHCP ACK packets. An attacker could exploit the vulnerability to cause a denial of service condition.