CVE-2025-33053: Microsoft Windows External Control of File Name or Path

Microsoft Windows External Control of File Name or Path Vulnerability. Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.

• CISA KEV-listed (remediation due 2025-07-01)
• EPSS 50.3% (97.9% percentile)

Detection rules

• Potential Exploitation of RCE Vulnerability CVE-2025-33053 - Image Load high
• Potential Exploitation of RCE Vulnerability CVE-2025-33053 - Process Access high
• Potential Exploitation of RCE Vulnerability CVE-2025-33053 high
• Process Execution From WebDAV Share low

Browse the CVE database

Read the full analysis on IntelFusions