CVE-2025-33053: 
vulnerability analysis and mitigation

CVE-2025-33053 is a Remote Code Execution (RCE) vulnerability in Web Distributed Authoring and Versioning (WebDAV) discovered in March 2025 and patched on June 10, 2025. The vulnerability allows an unauthorized attacker to execute code over a network through social engineering by convincing a target to open a malicious URL or file. It received a CVSSv3 score of 8.8 and is rated as important (Tenable Blog, NVD).

The vulnerability exists in Microsoft Windows Web Distributed Authoring and Versioning (WebDAV) system. It allows attackers to execute arbitrary code by manipulating the working directory of a legitimate built-in Windows tool. The vulnerability requires user interaction, specifically clicking on a specially crafted WebDAV URL. It received a high severity CVSSv3 score of 8.8 with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (Tenable Blog, Bleeping Computer).

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the affected system with the privileges of the compromised user. The vulnerability affects network security as it enables remote code execution capabilities over a network connection (Tenable Blog).

Microsoft has released a security patch for this vulnerability as part of their June 2025 Patch Tuesday updates. Organizations are advised to apply the security updates as soon as possible to protect against potential exploitation (Tenable Blog).

The vulnerability was discovered and reported by Alexandra Gofman and David Driker from Check Point Research. The security community has highlighted the significance of this vulnerability due to its active exploitation in the wild by an APT group (Bleeping Computer).