CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
26 June 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability in question is