CVE-2025-48443

EUVD-2025-18565
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulnerability to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager.
.LNK
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
trendmicroCNA
6.7 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
trendmicropassword_manager
𝑥
< 5.8.0.1330
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://helpcenter.trendmicro.com/en-us/article/TMKA-12917
https://www.zerodayinitiative.com/advisories/ZDI-25-361/