CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
6 Articles
6 Articles
Hackers exploit critical PTC Windchill PLM software flaw
Hackers are exploiting a critical vulnerability recently patched in PTC Windchill and FlexPLM, two product lifecycle management solutions used by organizations across a range of industries, including defense, aerospace, automotive, medical, electronics, industrial machinery, and consumer goods. The vulnerability, tracked as CVE-2026-12569, is an unsafe deserialization flaw that enables remote code execution. It’s located in the web-based Windchi…
The U.S. security agency CISA warns against attacks on PLM software PTC Windchill, in which attackers take over complete systems via malicious code. The U.S. cybersecurity agency CISA has included the vulnerability CVE-2026-12569 in its directory known to have exploited security vulnerabilities. This is the first time a product of the manufacturer PTC is listed in this list. U.S. federal authorities have been instructed to close the security vul…
CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is
The CVE-2026-12569 officially entered the CISA KEV catalogue (Known Exploited Vulnerabilities) after confirming that vulnerability is being actively exploited by cybercriminals. The decision reinforces the severity of the critical failure of CERs affecting the PTC Windchill, one of the PLM (Product Lifecycle Management) platforms most used by engineering, manufacturing and product development companies. When a vulnerability becomes part of the C…
First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild
CISA has added the remote code execution flaw CVE-2026-12569 to its Known Exploited Vulnerabilities catalog. The post First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild appeared first on SecurityWeek.

Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium


