CVE-2026-0851: PTC Windchill Product Lifecycle Management

CVSSawaiting NVD

ExploitationNo exploitation reported

Triage statusUnder Review

ActionSchedule for next cycle

Affected product

PTC Windchill Product Lifecycle Management

Remediation Steps

Document all PTC Windchill instances and their versions across enterprise
Apply PTC security patches addressing remote code execution flaw
Restrict Windchill access to authorized users via VPN or network segmentation
Implement input validation and WAF rules for Windchill web interfaces
Enable enhanced logging and monitoring for unusual Windchill process execution

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-085-03.json
https://www.ptc.com/en/support
https://nvd.nist.gov/vuln/detail/CVE-2026-0851

Coverage on defend.network

Vulnerability Priority Report – Week 5 of March 2026 (March 30 – April 5)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts