CVE-2025-33053HIGH 8.8CISA KEVEPSS p99.6%
CVE-2025-33053 Microsoft Windows External Control of File Name or Path Vulnerability
Microsoft / Windows
Description
Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.
Scoring
| CVSS 3.1 | 8.8 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| EPSS | 81.56% probability of exploitation · percentile 99.6% · 2026-06-17T12:03:21Z |
| Published | 2025-06-10 |
| Last modified | 2025-10-27 |
CISA KEV entry
Added to KEV: 2025-06-10
Underlying weaknesses· 1
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33053
- https://research.checkpoint.com/2025/stealth-falcon-zero-day/
- https://therecord.media/microsoft-cisa-zero-day-turkish-defense-org
- https://www.bleepingcomputer.com/news/security/stealth-falcon-hackers-exploited-windows-webdav-zero-day-to-drop-malware/
- https://www.darkreading.com/vulnerabilities-threats/stealth-falcon-apt-exploits-microsoft-rce-zero-day-mideast
- https://www.theregister.com/2025/06/10/microsoft_patch_tuesday_june/
- https://www.vicarius.io/vsociety/posts/cve-2025-33053-detection-script-remote-code-execution-vulnerability-in-microsoft-webdav
- https://www.vicarius.io/vsociety/posts/cve-2025-33053-mitigation-script-remote-code-execution-vulnerability-in-microsoft-webdav
1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | External Control of File Name or Pathcwe-73 | 0% | live |
(incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | Microsoft Windows External Control of File Name or Path Vulnerabilitykev-cve-2025-33053 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.