🔴 Critical | Source: CISA Known Exploited Vulnerabilities
A critical remote code execution vulnerability (CVE-2026-12569) has been identified in PTC Windchill and FlexPLM, widely used product lifecycle management (PLM) platforms. An unauthenticated attacker can exploit this flaw over the network by sending a specially crafted request, with no prior access or credentials required. The vulnerability is being actively exploited in the wild, as confirmed by its inclusion in CISA’s Known Exploited Vulnerabilities catalogue.
Security Architect’s Take: Immediately audit your estate for internet-exposed or network-accessible PTC Windchill and FlexPLM instances and apply vendor patches before the CISA remediation deadline of 28 June 2026. As an interim measure, restrict network access to these services using firewall rules or zero-trust network controls, and ensure no instances are directly reachable from the public internet.
Original advisory: CVE-2026-12569: PTC Windchill and FlexPLM