CVE-2025-48443 — MEDIUM (6.7)

Q: How severe is CVE-2025-48443?

CVE-2025-48443 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-48443?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Password Manager.

Vulnerability Description

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulnerability to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Trendmicro	Password Manager	< 5.8.0.1330

Related Weaknesses (CWE)

CWE-64

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-12917Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-25-361/Third Party Advisory

FAQ

What is CVE-2025-48443?

CVE-2025-48443 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulne...

How severe is CVE-2025-48443?

CVE-2025-48443 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-48443?

Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Password Manager.