← All stories
● Covered by 1 source Β· 2 reportsHigh impact

CISA Warns of Exploited Flaws in Lantronix EDS5000 and PTC Windchill

Aggregated by BrevFeed security Β· updated 4d ago
πŸ”– Save

The CISA has issued alerts concerning the exploitation of critical vulnerabilities in Lantronix EDS5000 and PTC Windchill systems. The Lantronix flaw allows code execution with escalated privileges, while the Windchill vulnerability enables remote code execution. Both alerts urge immediate patching to mitigate risks posed by these active threats.

Key points

Overview of Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts on two critical vulnerabilities that are actively being exploited. The first affects Lantronix EDS5000 Series devices, identified as CVE-2025-67038, and involves the execution of arbitrary commands with elevated privileges. The second, CVE-2026-12569, affects PTC Windchill systems, allowing remote code execution.

These vulnerabilities present significant security risks, necessitating immediate attention and patch application from users of the affected systems.

Lantronix EDS5000 Flaw

The CVE-2025-67038 vulnerability in Lantronix EDS5000 devices results from improper sanitization within the HTTP RPC module. This flaw allows attackers to execute arbitrary OS commands by manipulating the username parameter.

Forescout Research Vedere Labs disclosed this issue in April 2026 as part of the BRIDGE:BREAK set of vulnerabilities. CISA advises Federal Civilian Executive Branch agencies to patch affected systems by June 26, 2026.

PTC Windchill Vulnerability

The CVE-2026-12569 flaw in PTC Windchill systems involves improper input validation, leading to remote code execution through deserialization of untrusted data. Despite released patches, active exploitations continue, with attackers deploying JSP web shells to compromise systems.

PTC has provided indicators of compromise for users to detect possible breaches.

Immediate Mitigation Required

Given the high CVSS scores (9.8 for Lantronix and 9.3 for Windchill), these vulnerabilities are considered critical. The urgency of applying patches cannot be overstated, as active exploitation poses substantial security risks to network infrastructures.

Organizations using Lantronix EDS5000 and PTC Windchill should prioritize patch application to secure their systems against these threats.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

How outlets covered it

CISA has added a critical remote code execution vulnerability in PTC Windchill to its KEV catalog due to evidence of active exploitation. Attackers have been deploying JSP web shells by exploiting this flaw, prompting urgent mitigation measures for affected users.

CISA has issued an alert on the active exploitation of CVE-2025-67038, a critical security flaw in Lantronix EDS5000 devices. The vulnerability allows attackers to execute arbitrary commands with elevated privileges, emphasizing the urgent need for affected agencies to apply patches by June 26, 2026.