Microsoft WebDAV Zero-Day (CVE‑2025‑33053) Exploited in Targeted Attacks

A critical zero-day vulnerability in Microsoft’s WebDAV service (CVE‑2025‑33053) was recently patched after being exploited in the wild by the Stealth Falcon APT group. The exploit enabled remote code execution and was used in targeted espionage campaigns against Middle Eastern defense and government sectors, including Turkey, Qatar, Egypt, and Yemen.

The flaw was addressed in Microsoft’s June 2025 Patch Tuesday. Security analysts recommend immediate patching and WebDAV auditing, as the attacks were stealthy and could have long-term persistence impacts.

Reference: research.checkpoint, bleepingcomputer, darkreading, helpnetsecurity