CVE-2026-12569

CRITICAL KEV

PTC Windchill PDMLink and FlexPLM - Deserialization Remote Code Execution

Title source: manual

Exploitation Summary

CVE-2026-12569 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 25, 2026.

Description

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. * This advisory also applies to all CPS versions * The identified vulnerability also impacts Windchill and FlexPLM releases prior to 11.0 M030

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory mitigation permissions-required

https://www.ptc.com/en/support/article/CS473270

Third Party Advisory, US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-12569

Scores

CVSS v4 9.3

EPSS 0.0050

EPSS Percentile 38.9%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:X/U:Red

CISA SSVC

Vulnrichment

Exploitation active

Automatable yes

Technical Impact total

Details

CISA KEV 2026-06-25

VulnCheck KEV 2026-06-25

CWE

CWE-20 CWE-502

Status published

Products (19)

PTC/FlexPLM < 11.0 M030

PTC/FlexPLM 11.1 M020

PTC/FlexPLM 11.2.1.0

PTC/FlexPLM 12.0.0.0

PTC/FlexPLM 12.0.2.0

PTC/FlexPLM 12.1.2.0

PTC/FlexPLM 12.1.3.0

PTC/FlexPLM 13.0.2.0

PTC/FlexPLM 13.0.3.0

PTC/Windchill PDMLink < 11.0 M030

... and 9 more

Published Jun 18, 2026

KEV Added Jun 25, 2026

Tracked Since Jun 18, 2026