CVE-2025-48443

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below

Description The issue allows a local attacker to leverage a Link Following Local Privilege Escalation vulnerability to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager.

Recommendations For Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below, update to a version above 5.0.0.1266 to resolve the issue.

Fix

LPE

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-64CWE-59

Related Identifiers

BDU:2025-08891

CVE-2025-48443

ZDI-25-361

Affected Products

Trend Micro Password Manager

CVE-2025-48443

Weakness Enumeration

Related Identifiers

Affected Products

References · 12