CISA has warned U.S. organizations about a critical deserialization vulnerability in PTC’s Windchill and FlexPLM products that can allow remote, unauthenticated attackers to execute arbitrary code. PTC has not yet released patches but has provided mitigations and IoCs, and the unusual step by German authorities of alerting companies in person suggests that exploitation may be imminent. #CVE-2026-4681 #Windchill
Keypoints
- CISA issued an advisory for a critical vulnerability in PTC Windchill and FlexPLM affecting U.S. organizations.
- The flaw (CVE-2026-4681) is a deserialization-of-untrusted-data weakness that enables unauthenticated remote code execution.
- PTC has not yet released patches but has shared mitigations and indicators of compromise for detection.
- German authorities conducted in-person alerts to companies, an unusual step that indicates high urgency.
- No confirmed in-the-wild exploitation so far, but attackers could rapidly weaponize the vulnerability.
Read More: https://www.securityweek.com/cisa-flags-critical-ptc-vulnerability-that-had-german-police-mobilized/