Medium severity4.3NVD Advisory· Published Jul 8, 2025· Updated Apr 15, 2026
CVE-2025-27127
CVE-2025-27127
Description
A vulnerability has been identified in TIA Project-Server (All versions < V2.1.1), TIA Project-Server V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 4), Totally Integrated Automation Portal (TIA Portal) V20 (All versions < V20 Update 3). The affected application improperly handles uploaded projects in the document root. This could allow an attacker with contributor privileges to cause denial of service by uploading a malicious project.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: V17 All versions, V18 All versions, V19 All versions < V19 Update 4, V20 All versions < V20 Update 3
- Range: All versions < V2.1.1; V17 All versions
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.