Update KEV: Sat Jun 21 00:13:04 UTC 2025

aboutcode-automation · aboutcode-automation · commit 3b87cd56ff08 · 2025-06-21T00:13:04.000Z
Signed-off-by: AboutCode Automation &lt;automation@aboutcode.org&gt;
diff --git a/known_exploited_vulnerabilities.json b/known_exploited_vulnerabilities.json
@@ -1,7 +1,7 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.06.17",
-    "dateReleased": "2025-06-17T17:00:46.2025Z",
+    "catalogVersion": "2025.06.20",
+    "dateReleased": "2025-06-20T15:54:44.9005Z",
     "count": 1367,
     "vulnerabilities": [
         {
@@ -49,15 +49,15 @@
         },
         {
             "cveID": "CVE-2025-33053",
-            "vendorProject": "Web Distributed Authoring and Versioning",
-            "product": "Web Distributed Authoring and Versioning (WebDAV)",
-            "vulnerabilityName": "Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability",
+            "vendorProject": "Microsoft",
+            "product": "Windows",
+            "vulnerabilityName": " Microsoft Windows External Control of File Name or Path Vulnerability",
             "dateAdded": "2025-06-10",
-            "shortDescription": "Web Distributed Authoring and Versioning (WebDAV) contains an external control of file name or path vulnerability. This vulnerability could allow an unauthorized attacker to execute code over a network. This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows.",
+            "shortDescription": "Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.",
             "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
             "dueDate": "2025-07-01",
             "knownRansomwareCampaignUse": "Unknown",
-            "notes": "This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-33053 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-33053",
+            "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-33053 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-33053",
             "cwes": [
                 "CWE-73"
             ]
