Check here for the latest information on the Spring4Shell security vulnerability (CVE-2022-22965) by PTC product
Last Updated: July 19, 2022 at 12:55 p.m.
PTC is aware of the critical zero-day vulnerability that has been discovered in the Spring Framework.
Technical details of the Spring4Shell CVE 2022-22965 vulnerability are available here: https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#am-i-impacted.
The PTC Cybersecurity team has been actively investigating any potential impact of this vulnerability as it relates to PTC Products, Services, and IT Infrastructure.
PTC recommends that all customers immediately work with their IT departments to implement mitigating controls such as WAF and/or other security measures.
PTC will provide updates as more information becomes available.
If you need to contact PTC, please go to www.ptc.com/support.