CVE Tools
Back to feed
SecurityWeek ·EN-US News source

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

By Eduard Kovacs··2 min read
CVE Tools coverage

CVE-2026-12569 has been exploited by threat actors in real-world attacks, marking the first confirmed abuse of a PTC issue targeting the Windchill and FlexPLM product line. The vulnerability stems from improper input validation that can be triggered remotely without authentication to achieve arbitrary code execution. CISA added CVE-2026-12569 to its Known Exploited Vulnerabilities (KEV) catalog, signaling urgency for remediation—important because Windchill is widely used in industrial and manufacturing environments, including critical supply chains and operational technology systems.