CVE-2025-53772: Web Deploy Remote Code Execution Vulnerability

Overview

Severity: High (CVSS 8.8)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Category: Remote Code Execution
Exploit Status: Not Exploited
Exploitation Likelihood: Less Likely
Patch Tuesday: 2025-Aug
Released: 2025-08-12
EPSS Score: 2.34% (percentile: 84.8%)

Description

Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.

FAQ

How could an attacker exploit the vulnerability?

An authenticated attacker could exploit the vulnerability by sending a malicious HTTP request to the web server.

Known Exploits (2)

  • Microsoft web_deploy_4.0 Deserialization of Untrusted Data — added 2025-12-10T07:02:21Z
  • Microsoft web_deploy_4.0 Deserialization of Untrusted Data — added 2025-09-04T12:56:43Z

Detection & Weaponization (1 source)

Maturity: Exploit

  • GitHub PoC: 2 repositories

Affected Products (1)

Developer Tools

  • Web Deploy 4.0

Security Updates (1)

Acknowledgments

Batuhan Er (https://x.com/int20z) with HawkTrace (https://hawktrace.com/)

Revision History

  • 2025-08-12: Information published.