Skip to main content
4th of July Sale — Get 40% off Vantage subscriptions
Published loading...Updated

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

Summary by The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is
DisclaimerThis story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

6 Articles

The U.S. security agency CISA warns against attacks on PLM software PTC Windchill, in which attackers take over complete systems via malicious code. The U.S. cybersecurity agency CISA has included the vulnerability CVE-2026-12569 in its directory known to have exploited security vulnerabilities. This is the first time a product of the manufacturer PTC is listed in this list. U.S. federal authorities have been instructed to close the security vul…

The CVE-2026-12569 officially entered the CISA KEV catalogue (Known Exploited Vulnerabilities) after confirming that vulnerability is being actively exploited by cybercriminals. The decision reinforces the severity of the critical failure of CERs affecting the PTC Windchill, one of the PLM (Product Lifecycle Management) platforms most used by engineering, manufacturing and product development companies. When a vulnerability becomes part of the C…

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe
4th of July SaleGet 40% off Vantage subscriptions for yourself or a friend.Get Started

Bias Distribution

  • There is no tracked Bias information for the sources covering this story.

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

securityweek.com broke the news on Friday, June 26, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

News
Feed Dots Icon
For You
Search Icon
Search
Blindspot LogoBlindspotLocal