Ptc · Ptc Thingworx · CVE-2024-40395
**Name of the Vulnerable Software and Affected Versions**
PTC ThingWorx version 9.5.0
**Description**
An Insecure Direct Object Reference (IDOR) in PTC ThingWorx allows attackers to view sensitive information, including personally identifiable information (PII), regardless of access level.
**Recommendations**
For PTC ThingWorx version 9.5.0, consider restricting access to sensitive information as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.