# Exploitation of PTC Windchill Vulnerability Poses Critical Risk to Industries

*Published June 29, 2026*
*Source: [https://www.securityweek.com/first-ever-exploitation-of-ptc-windchill-vulnerability-discovered-in-the-wild/](https://www.securityweek.com/first-ever-exploitation-of-ptc-windchill-vulnerability-discovered-in-the-wild/)*

## Executive Summary

A vulnerability in PTC's Windchill software has been exploited in the wild, posing a serious threat to critical industries such as automotive and aerospace. PTC has released patches, and CISA has added the flaw to its Known Exploited Vulnerabilities catalog, urging swift action to mitigate risks.

## Article

Cybercriminals have successfully exploited a vulnerability in PTC's Windchill software, marking the first time this particular security flaw has been used in real-world attacks. This vulnerability, identified as CVE-2026-12569, affects both Windchill and FlexPLM products, allowing remote attackers to execute arbitrary code through specially crafted requests. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has responded by adding this flaw to its Known Exploited Vulnerabilities catalog, instructing federal agencies to address it by the end of June.

This is a noteworthy development: it is the first time a PTC product vulnerability has been included in CISA's catalog. Although there have been earlier warnings about possible exploitation of PTC products, such as the March alert by German police about CVE-2026-4681, this is the first confirmed exploitation. PTC has been proactive in addressing the issue, releasing patches and mitigations on June 17 and providing indicators of compromise the following day. The company has noted an increase in threat activity, although it remains unclear who is orchestrating these attacks.

The exploitation of this vulnerability is particularly concerning because Windchill is widely used in critical industries such as automotive, aerospace, defense, and heavy machinery. That widespread use makes the vulnerability a significant threat to supply chains and operational technology environments. German police have been actively alerting organizations about the heightened risk, emphasizing the urgency of addressing this issue. Organizations using Windchill and FlexPLM should prioritize patching and monitoring to safeguard against potential threats.
