HIGHVulnerability
Verified
Global
CISA KEV: PTC Windchill and FlexPLM — PTC Windchill and FlexPLM Improper Input Validation Vulnerability
·Source: CISA KEV
Updated:
Executive Summary
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by sending a malicious request to the network.
Analysis
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by sending a malicious request to the network. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-25. Remediation due: 2026-06-28.