Summary
Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution.
The following versions of PTC Windchill Product Lifecycle Management are affected:
- Windchill PDMLink 11.0_M030 (CVE-2026-4681)
- Windchill PDMLink 11.1_M020 (CVE-2026-4681)
- Windchill PDMLink 11.2.1.0 (CVE-2026-4681)
- Windchill PDMLink 12.0.2.0 (CVE-2026-4681)
- Windchill PDMLink 12.1.2.0 (CVE-2026-4681)
- Windchill PDMLink 13.0.2.0 (CVE-2026-4681)
- Windchill PDMLink 13.1.0.0 (CVE-2026-4681)
- Windchill PDMLink 13.1.1.0 (CVE-2026-4681)
- Windchill PDMLink 13.1.2.0 (CVE-2026-4681)
- Windchill PDMLink 13.1.3.0 (CVE-2026-4681)
- FlexPLM 11.0_M030 (CVE-2026-4681)
- FlexPLM 11.1_M020 (CVE-2026-4681)
- FlexPLM 11.2.1.0 (CVE-2026-4681)
- FlexPLM 12.0.0.0 (CVE-2026-4681)
- FlexPLM 12.0.2.0 (CVE-2026-4681)
- FlexPLM 12.0.3.0 (CVE-2026-4681)
- FlexPLM 12.1.2.0 (CVE-2026-4681)
- FlexPLM 12.1.3.0 (CVE-2026-4681)
- FlexPLM 13.0.2.0 (CVE-2026-4681)
- FlexPLM 13.0.3.0 (CVE-2026-4681)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 10 | PTC | PTC Windchill Product Lifecycle Management | Improper Control of Generation of Code (‘Code Injection’) |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: United States
Vulnerabilities
CVE-2026-4681
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 12.1.2.0, 12.1.3.0, 13.0.2.0, 13.0.3.0.
Affected Products
PTC Windchill Product Lifecycle Management
PTC
PTC Windchill PDMLink: 11.0_M030, PTC Windchill PDMLink: 11.1_M020, PTC Windchill PDMLink: 11.2.1.0, PTC Windchill PDMLink: 12.0.2.0, PTC Windchill PDMLink: 12.1.2.0, PTC Windchill PDMLink: 13.0.2.0, PTC Windchill PDMLink: 13.1.0.0, PTC Windchill PDMLink: 13.1.1.0, PTC Windchill PDMLink: 13.1.2.0, PTC Windchill PDMLink: 13.1.3.0, PTC FlexPLM: 11.0_M030, PTC FlexPLM: 11.1_M020, PTC FlexPLM: 11.2.1.0, PTC FlexPLM: 12.0.0.0, PTC FlexPLM: 12.0.2.0, PTC FlexPLM: 12.0.3.0, PTC FlexPLM: 12.1.2.0, PTC FlexPLM: 12.1.3.0, PTC FlexPLM: 13.0.2.0, PTC FlexPLM: 13.0.3.0
known_affected
Remediations
Mitigation
PTC is aware of the issue and is actively developing a fix. In the meantime, PTC recommends applying the recommended workaround. Until official patches are available, customers must take urgent steps to safeguard their environments. Specifically: Protect any publicly accessible Windchill systems
Vendor fix
While publicly accessible Windchill and FlexPLM systems are at higher risk and require immediate attention, PTC strongly recommends applying the mitigation steps to all deployments, regardless of Internet exposure
Vendor fix
Apply the same precautions to FlexPLM deployments
Vendor fix
The following Apache and IIS HTTP Server configuration update should be IMMEDIATELY applied to every Windchill or FlexPLM system: Customers using Apache HTTP Server should only follow “Apache HTTP Server Configuration – Workaround Steps” section steps
Mitigation
Customers using Microsoft IIS should only follow “IIS Configuration – Workaround Steps” section steps
Mitigation
Please explicitly note that the same mitigation steps must also be applied on File Server / Replica Server
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: