← volver
CVE-2026-12569

Remote Code Execution (RCE) vulnerability in Windchill PDMlink

CVSS 9.3 CRITICALEPSS 0.5%CWE-20CWE-502
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data.  * This advisory also applies to all CPS versions * The identified vulnerability also impacts Windchill and FlexPLM releases prior to 11.0 M030
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:Y/R:U/V:C/U:Red
Productos afectados
PTC · FlexPLMPTC · Windchill PDMLink

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-12569https://www.ptc.com/en/support/article/CS473270