CVE-2025-33053

Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability

Basic Information

CVE State
PUBLISHED
Reserved Date
April 15, 2025
Published Date
June 10, 2025
Last Updated
June 12, 2025
Vendor
Microsoft
Product
Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)
Description
External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.
Tags
windows microsoft cisa

CVSS Scores

CVSS v3.1

8.8 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

EPSS Score

Score
27.89% (Percentile: 96.19%) as of 2025-06-13

SSVC Information

Exploitation
none
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2025-06-11 08:45:22 UTC)

Known Exploited Vulnerability Information

Source: CISA • Added Date: 2025-06-11 08:45:15 UTC

Recent Mentions

Microsoft Patch Tuesday: June 2025

Source: Arctic Wolf • Published: 2025-06-11 18:08:48 UTC

On June 10, 2025, Microsoft released its June 2025 security update, addressing 66 newly disclosed vulnerabilities. Arctic Wolf has highlighted five of these vulnerabilities in this security bulletin due to their potential impact.

Vulnerabilities (columns: Vulnerability, CVSS, Description, Exploited?)

CVE-2025-33053, 8.8, Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability – A remote threat actor ...

Windows 11 June 2025 Patch Tuesday Fixes 66 Flaws, One Zero-Day

Source: CyberInsider • Published: 2025-06-10 19:13:00 UTC

Microsoft's June 2025 Patch Tuesday addresses 66 vulnerabilities across its product suite, including a high-severity zero-day in the WebDAV service that is currently being exploited in the wild. The most critical flaws this month impact core Windows services, remote access components, and Microsoft Office products. The zero-day vulnerability, tracked as CVE-2025-33053, is a remote code …

Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)

Source: Tenable Blog • Published: 2025-06-10 17:44:53 UTC

9 Critical, 56 Important, 0 Moderate, 0 Low

Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild.

Microsoft addresses 65 CVEs in its June 2025 Patch Tuesday release, with nine rated critical, and 56 rated as important. Our counts omitted one vulnerability reported by CERT CC.

This month’s update includes patches for:

  • .NET and Visual Studio
  • App Control for Business (WDAC)
  • Microsoft AutoUpdate (MAU)
  • Microsoft Local Security Authority Server (lsasrv)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office PowerPoint
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Nuance Digital Engagement Platform
  • Power Automate
  • Remote Desktop Client
  • Visual Studio
  • WebDAV
  • Windows Common Log File System Driver
  • Windows Cryptographic Services
  • Windows DHCP Server
  • Windows DWM Core Library
  • Windows Hello
  • Windows Installer
  • Windows KDC Proxy Service (KPSSVC)
  • Windows Kernel
  • Windows Local Security Authority (LSA)
  • Windows Local Security Authority Subsystem Service (LSASS)
  • Windows Media
  • Windows Netlogon
  • Windows Recovery Driver
  • Windows Remote Access Connection Manager
  • Windows Remote Desktop Services
  • Windows Routing and Remote Access Service (RRAS)
  • Windows SDK
  • Windows SMB
  • Windows Security App
  • Windows Shell
  • Windows Standards-Based Storage Management Service
  • Windows Storage Management Provider
  • Windows Storage Port Driver
  • Windows Win32K GRFX

Remote code execution (RCE) vulnerabilities accounted for 38.5% of the vulnerabilities patched this month, followed by information disclosure vulnerabilities at 26.2%.

Important

CVE-2025-33053 | Web Distributed Authoring and Versioning (WebDAV) Remote Code Execution Vulnerability

CVE-2025-33053 is a RCE in Web Distributed Authoring and Versioning (WebDAV). It was assigned a CVSSv3 score of 8.8 and is rated important. An attacker could exploit this vulnerability through social engineering, by convincing a target to open a malicious URL or file. Successful exploitation would give the attacker the ability to execute code on the victim’s...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Source: All CISA Advisories • Published: 2025-06-10 12:00:00 UTC

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

  • CVE-2025-24016 Wazuh Server Deserialization of Untrusted Data Vulnerability
  • CVE-2025-33053 Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel