CVE-2026-4681
CRITICAL
Critical Remote Code Execution vulnerability reported in Windchill
Title source: cna
Description
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 12.1.2.0, 12.1.3.0, 13.0.2.0, 13.0.3.0.
Scores
CVSS v4: 9.3
CVSS v4 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:Y/R:U/V:C/RE:M/U:Red
EPSS: 0.0067
EPSS Percentile: 47.1%
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: yes
Technical Impact: total
Details
CWE: CWE-94
Status: published
Products (20)
PTC/FlexPLM 11.0 M030
PTC/FlexPLM 11.1 M020
PTC/FlexPLM 11.2.1.0
PTC/FlexPLM 12.0.0.0
PTC/FlexPLM 12.0.2.0
PTC/FlexPLM 12.0.3.0
PTC/FlexPLM 12.1.2.0
PTC/FlexPLM 12.1.3.0
PTC/FlexPLM 13.0.2.0
PTC/FlexPLM 13.0.3.0
... and 10 more
Published: Mar 23, 2026
Tracked Since: Mar 24, 2026