Home Embedded Vulns General Vulns

CVE-2025-27127

MEDIUM 4.3

Our Analysis: Embedded

Our model has classified this vulnerability as relevant to Embedded Systems, helping your team prioritize efforts effectively.

Published Date July 8, 2025
Last Modified July 8, 2025
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Description

A vulnerability has been identified in TIA Project-Server (All versions < V2.1.1), TIA Project-Server V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions < V20 Update 3). The affected application improperly handles uploaded projects in the document root. This could allow an attacker with contributor privileges to cause denial of service by uploading a malicious project.