CVE-2025-48443 MEDIUM

CVE-2025-48443

Vendor Trend Micro, Inc.
Product Trend Micro Password Manager
Weakness CWE-64
Published June 17, 2025
Last update June 18, 2025

CVSS base score

6.7/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulnerability to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager.

Key dates

02Disclosure timeline

June 17, 2025 CVE published
June 18, 2025 Record updated