CVE-2025-48443

CWE-643 documents3 sources

Severity

6.6MEDIUM

EPSS

0.1%

top 77.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro, Inc. Trend Micro Password Manager Trendmicro Password Manager

Timeline

PublishedJun 17

Description

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulnerability to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

▶NVDtrendmicro/password_manager< 5.8.0.1330

▶CVEListV5trend_micro,_inc./trend_micro_password_manager5.0 — 5.8.0.1330

🔴Vulnerability Details

GHSA

GHSA-c8jv-wc89-vqf7: Trend Micro Password Manager (Consumer) version 5↗2025-06-17

▶

CVEList

CVE-2025-48443: Trend Micro Password Manager (Consumer) version 5↗2025-06-17

▶