Help Net Security ·EN-US News source
JSP webshells being dropped on unpatched PTC Windchill instances
CVE Tools coverage
CISA added CVE-2026-12569 to its Known Exploited Vulnerabilities catalog, warning that PTC Windchill and FlexPLM are being targeted in the wild. PTC reports that attackers can exploit the improper input validation flaw (unauthenticated remote code execution) and has observed indicators consistent with JSP webshells being deployed on vulnerable systems.
Organizations using affected PTC product lifecycle management deployments should apply the relevant patches and check their environments for indicators of compromise.