PTC Warns of Imminent RCE Threat in Windchill and FlexPLM Systems

PTC reports a critical RCE vulnerability (CVE-2026-4681) in Windchill and FlexPLM software, leading to emergency warnings from German police due to an imminent threat of exploitation.

**If you're running PTC Windchill or FlexPLM, make sure these systems are isolated from the internet and accessible from trusted networks only. This one is a perfect 10.0 severity with no patch yet, so apply the recommended rewrite rules to block the WindchillGW and WindchillAuthGW servlet paths immediately. Also check your servers for signs of compromise like GW.class, payload.bin, or dpr_*.jsp files, and if you can't apply the workarounds, shut down the affected services until PTC releases an official patch.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/ptc-warns-of-imminent-rce-threat-in-windchill-and-flexplm-systems-8-k-p-i-c/gD2P6Ple2L