A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update process.
The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file’s existence or otherwise access that file.