A critical deserialization vulnerability in PTC Windchill and FlexPLM has earned the rare distinction of prompting German federal police to physically show up at companies’ doors – on a Saturday night – to warn system administrators about impending exploitation. CVE-2026-4681 carries a perfect CVSS v3.1 score of 10.0 and a CVSS v4 score of 9.3, and as of this writing, no official patch exists.
What happened
PTC disclosed CVE-2026-4681 in late March 2026, warning of a remote code execution vulnerability caused by unsafe deserialization of untrusted data in both Windchill PDMLink and FlexPLM. The flaw allows an unauthenticated attacker to submit crafted serialized Java objects to the application server. Because the objects are deserialized without validation, successful exploitation yields arbitrary code execution in the context of the application server process.
Both CISA (via advisory ICSA-26-085-03) and Germany’s BSI issued advisories. Then Germany’s BKA took the unprecedented step of dispatching state-level criminal police (LKA) officers to affected organizations nationwide, physically handing administrators copies of PTC’s notification and urging immediate action. According to German outlet Heise, some admins were woken up in the middle of the night.
The urgency is justified. Windchill is PTC’s flagship product lifecycle management (PLM) platform, used extensively by aerospace, defense, automotive, and industrial manufacturing firms. These systems often hold proprietary engineering data, weapons system designs, and critical supply chain information – making them high-value targets for state-sponsored espionage.
Technical details
CVE ID: CVE-2026-4681
CVSS v3.1: 10.0 (Critical)
CVSS v4: 9.3 (Critical)
CWE: CWE-94 (Improper Control of Generation of Code / Code Injection)
Attack vector: Network, no authentication required
Vulnerability type: Unsafe Java deserialization
The vulnerable servlet accepts serialized objects over the network without proper input validation. An attacker can craft a malicious serialized payload that, when deserialized by the application server, executes arbitrary code. This is a well-understood class of vulnerability in Java applications, and mature tooling (like ysoserial) makes exploitation straightforward once the gadget chain is identified.
Affected versions
Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0
FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 12.1.2.0, 12.1.3.0, 13.0.2.0, 13.0.3.0
Versions prior to 11.0 and standard Junos OS (non-Evolved) are reportedly unaffected, though PTC’s advisory covers all currently supported release lines.
Indicators of compromise
PTC has published two specific IOCs to check for:
- Presence of GW.class on the Windchill server
- Presence of dpr_<8-hex-digits>.jsp files (e.g., dpr_a1b2c3d4.jsp)
Either artifact indicates an attacker has completed weaponization on the system and is positioned to execute arbitrary code. If you find these, treat the host as compromised.
Who’s affected
Any organization running an internet-facing or internally accessible Windchill or FlexPLM instance on the affected versions. Given Windchill’s dominance in manufacturing PLM, the blast radius is significant: aerospace contractors, defense primes, automotive OEMs, industrial equipment manufacturers, and their supply chains.
PTC states there is “credible evidence of an imminent threat by a third-party group to exploit the vulnerability,” though neither PTC nor the agencies have publicly attributed the threat to a specific actor. The German authorities’ response – physically dispatching police rather than simply emailing advisories – suggests intelligence indicating active or imminent state-sponsored targeting.
What to do right now
Check for IOCs immediately. Search your Windchill servers for GW.class and any dpr_*.jsp files. If found, initiate incident response.
Apply the servlet filter. PTC has published Apache/IIS rewrite rules to deny access to the affected servlet path. This is currently the only vendor-recommended mitigation. Apply it now.
Restrict network access. If your Windchill instance is internet-facing, pull it behind a VPN or firewall immediately. Even internally, restrict access to the application to only required networks and users via ACLs.
Monitor for patches. PTC says patches are “actively being developed and released” for all supported versions. Subscribe to PTC’s security advisory page and apply patches the moment they drop.
Audit access logs. Review web server and application logs for unusual requests to deserialization endpoints. Look for anomalous POST requests with binary or Base64 payloads.
Assume breach if exposed. If your instance was internet-accessible before mitigations were applied, conduct a full forensic investigation. Java deserialization exploits are typically weaponized within days of disclosure for vulnerabilities of this severity.
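As an added example (not PTC's code and not part of the original article), the IOC sweep from the first step and the request-body check from the log-audit step as one small Python script. The directory tree it builds is constructed sample data, the codebase/wt/gateway path is assumed, and the Java serialization header markers (0xACED0005 raw, rO0AB in Base64) are general Java facts, not taken from the advisory.

```python
import os
import re
import tempfile
from pathlib import Path

# IOC file names published by PTC for CVE-2026-4681 (quoted in the article).
IOC_CLASS_NAME = "GW.class"
# dpr_ followed by exactly 8 hex digits, then .jsp; anything else is benign.
IOC_JSP_PATTERN = re.compile(r"^dpr_[0-9a-fA-F]{8}\.jsp$")
# Java serialization stream header (0xACED0005) and its Base64 form; a
# general marker of raw serialized objects, useful when auditing POST bodies.
JAVA_SER_MAGIC = b"\xac\xed\x00\x05"
JAVA_SER_B64_PREFIX = b"rO0AB"


def sweep_for_iocs(root):
    """Walk an install tree and return root-relative paths of IOC files, sorted.
    Matching is by exact file name because PTC's indicators are file names."""
    hits = []
    for dirpath, _dirs, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            if name == IOC_CLASS_NAME or IOC_JSP_PATTERN.match(name):
                hits.append(os.path.relpath(os.path.join(dirpath, name), root))
    return sorted(hits)


def looks_like_serialized_java(body):
    """True if a request body starts with a Java serialization header,
    raw or Base64-encoded. Flag such POSTs for review during log audits."""
    body = body.lstrip()
    return body.startswith(JAVA_SER_MAGIC) or body.startswith(JAVA_SER_B64_PREFIX)


def build_sample_tree():
    """Constructed throw-away tree mimicking a Windchill codebase with two
    planted IOC files and three benign look-alikes (sample data, not real)."""
    root = tempfile.mkdtemp(prefix="windchill-ioc-")
    for rel in [
        "codebase/wt/gateway/GW.class",  # IOC: exact name match (path assumed)
        "codebase/dpr_a1b2c3d4.jsp",      # IOC: 8 hex digits
        "codebase/dpr_notes.jsp",         # benign: not hex
        "codebase/dpr_a1b2c3d45.jsp",     # benign: 9 digits
        "codebase/wt/gateway/GW.java",    # benign: wrong extension
    ]:
        p = Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text("placeholder")
    return root
```

Run sweep_for_iocs against the real Windchill install root on each server; any hit means the host is treated as compromised, per PTC's guidance above.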