Local Privilege Escalation Vulnerability in Trend Micro Password Manager
CVE-2025-48443

6.7MEDIUM

Key Information:

Vendor: Trend Micro
Status: Trend Micro Password Manager
Vendor: CVE Published:; 17 June 2025

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2025-48443?

The Link Following Local Privilege Escalation Vulnerability in Trend Micro Password Manager versions 5.0.0.1266 and earlier allows a local attacker to exploit this flaw for unauthorized file deletion, running in the context of an administrator's privileges. This could lead to serious security breaches if exploited, as malicious users may affect sensitive files or system configurations.

Affected Version(s)

Trend Micro Password Manager 5.0 < 5.8.0.1330

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-12917

https://www.zerodayinitiative.com/advisories/ZDI-25-361/

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2025
Vulnerability Reserved
May 21, 2025