Hackers exploit critical PTC Windchill PLM software flaw
Summary
Hackers are actively exploiting a critical vulnerability in PTC's Windchill and FlexPLM software, which are vital product lifecycle management solutions. The unsafe deserialization flaw, tracked as CVE-2026-12569, allows remote code execution and has a CVSS score of 9.3. PTC has released patches, and CISA has added the flaw to its Known Exploited Vulnerabilities catalog due to heightened threat activity.
IFF Assessment
The article details a critical vulnerability being actively exploited, which poses a significant risk to organizations and defenders.
Severity
The vulnerability has a CVSS score of 9.3, indicating critical severity. It is an unsafe deserialization flaw enabling remote code execution, making it highly exploitable and impactful for affected systems.
CISA KEV: Listed as actively exploited. Federal patch due: June 28, 2026. Known ransomware use: Unknown.
Defender Context
Defenders need to prioritize patching or mitigating the CVE-2026-12569 vulnerability in PTC Windchill and FlexPLM software immediately, as it is being actively exploited. Its inclusion in CISA's KEV catalog signifies a high likelihood of further attacks, and organizations should monitor for indicators of compromise such as web shell deployments.