THREAT OPS › CVEs › CVE-2025-33053
CVE-2025-33053 — Microsoft Windows External Control of File Name or Path Vulnerability
Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.
Vulnerability details
- Affected productsWindows
- KEV remediation due2025-07-01