Denial of Service Vulnerability in TIA Project-Server and TIA Portal
Monitor | 4.3 | SSA-460466 | Jul 8, 2025
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
A vulnerability in TIA Project Server and TIA Portal allows an attacker to cause a denial of service condition. The issue affects both the engineering workstation software and the project server component used to manage automation project files and configurations.
What this means
What could happen
An attacker with valid credentials could crash the TIA Portal engineering workstation or project server, interrupting automation engineering and project deployment activities. This could delay critical system updates or reconfiguration of your industrial automation equipment.
Who's at risk
Industrial automation engineering teams using Siemens TIA Portal or TIA Project Server to design, configure, and deploy PLCs and automation systems should be concerned. This affects engineers and system integrators who rely on these tools to maintain your industrial control systems, but does not directly affect running production systems.
How it could be exploited
An attacker with valid engineering workstation or project server credentials sends a specially crafted file or request to the TIA Portal or Project Server. The application fails to handle the input correctly, consuming all available resources and causing the service to become unavailable.
Prerequisites
- Valid TIA Portal or Project Server user account credentials
- Network access to the TIA Portal or Project Server system
- Ability to interact with the affected application or upload/process files
- Requires valid authentication
- Remotely exploitable over network
- Low attack complexity
- No patch available for V17 versions
- Affects engineering/development environment
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (6)
4 with fix, 2 EOL

| Product | Affected Versions | Fix Status |
|---|---|---|
| TIA Project-Server | < 2.1.1 | 2.1.1 |
| Totally Integrated Automation Portal (TIA Portal) V19 | All versions < V19 Update 4 | 19 Update 4 |
| Totally Integrated Automation Portal (TIA Portal) V20 | All versions < V20 Update 3 | 20 Update 3 |
| Totally Integrated Automation Portal (TIA Portal) V17 | All versions | No fix (EOL) |
| Totally Integrated Automation Portal (TIA Portal) V18 | All versions | No fix (EOL) |
| TIA Project-Server V17 | All versions | 2.1.1 |
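The affected-version rows of this advisory can be turned into a triage check over a software inventory. The following is an added example, not part of the advisory or any Siemens tooling; the inventory string format (`TIA Portal V<n> Update <m>`, `TIA Project-Server <x.y.z>`), the status labels, and the sample entries are assumptions made for illustration.

```python
import re

# Fix levels taken from the advisory's affected-products rows.
PORTAL_FIXED_UPDATE = {19: 4, 20: 3}  # TIA Portal major -> first fixed Update
PORTAL_EOL = {17, 18}                 # all versions affected, no fix (EOL)
SERVER_FIXED = (2, 1, 1)              # TIA Project-Server first fixed version

# Assumed (hypothetical) inventory string formats.
PORTAL_RE = re.compile(r"^TIA Portal V(\d+)(?:\s+Update\s+(\d+))?$", re.I)
SERVER_RE = re.compile(r"^TIA Project-Server\s+(\d+(?:\.\d+)*)$", re.I)


def triage(entry: str) -> str:
    """Classify one inventory string against SSA-460466.

    Returns 'fixed', 'update', 'eol-no-fix', 'not-listed' or 'unparsed'.
    """
    entry = " ".join(entry.split())  # normalise whitespace
    m = PORTAL_RE.match(entry)
    if m:
        major, update = int(m.group(1)), int(m.group(2) or 0)
        if major in PORTAL_EOL:
            return "eol-no-fix"  # mitigate by access restriction only
        if major in PORTAL_FIXED_UPDATE:
            return "fixed" if update >= PORTAL_FIXED_UPDATE[major] else "update"
        return "not-listed"      # major version not named in the advisory
    m = SERVER_RE.match(entry)
    if m:
        parts = tuple(int(p) for p in m.group(1).split("."))
        parts += (0,) * (3 - len(parts))  # pad '2.1' to (2, 1, 0)
        return "fixed" if parts >= SERVER_FIXED else "update"
    return "unparsed"            # flag for manual review, never assume safe


def report(inventory):
    """Map each inventory entry to its triage status."""
    return {entry: triage(entry) for entry in inventory}


# Constructed inventory for illustration; not real asset data.
SAMPLE_INVENTORY = ["TIA Portal V19 Update 3", "TIA Portal V20 Update 3",
                    "TIA Portal V17 Update 8", "TIA Project-Server 2.1",
                    "TIA Portal  v18", "Unknown Tool 1.0"]

if __name__ == "__main__":
    for entry, status in report(SAMPLE_INVENTORY).items():
        print(f"{status:11} {entry}")
```
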
Remediation & Mitigation
Do now
Totally Integrated Automation Portal (TIA Portal) V19
- HARDENING: Restrict network access to TIA Portal and Project Server to trusted engineering staff only; implement firewall rules to limit who can reach these systems from your network
- HARDENING: Monitor and enforce strong authentication on TIA Portal and Project Server accounts to prevent unauthorized access
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
TIA Project-Server
- HOTFIX: Update TIA Project-Server to version 2.1.1 or later
Totally Integrated Automation Portal (TIA Portal) V19
- HOTFIX: Update TIA Portal V19 to Update 4 or later
- HOTFIX: Update TIA Portal V20 to Update 3 or later
CVEs (1)
API:
/api/v1/advisories/89b9e817-95b7-4f48-b882-f0054a588abf