The article "CISA Flags Critical PTC Vulnerability That Had German Police Mobilized" reports that the vulnerability tracked as CVE-2026-4681 affects PTC’s Windchill and FlexPLM products. It arises from deserialization of untrusted data and could allow a remote, unauthenticated attacker to execute arbitrary code. CISA issued an advisory to inform organisations in the US about the flaw. The vendor has yet to release patches, but has provided mitigations and indicators of compromise.
According to CISA and its German counterpart, the BSI, regular advisories have been published, and the issue prompted urgent action in Germany. Heise reports that police were deployed in several German states to physically warn companies about the risk, a move described as unprecedented, with officers visiting various sites, including some in the middle of the night.
Some affected organisations asserted that their systems were not at risk, noting that exposure was limited to internal networks or that they did not use the affected components. Researchers have warned that, although no in-the-wild exploitation has been confirmed to date, sophisticated threat actors could weaponise this flaw to gain enterprise access.