CVE-2025-48443

Summary

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulnerability to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Micro Password Manager5.0 < 5.8.0.1330affected

Weaknesses

  • CWE-64: CWE-64: Windows Shortcut Following

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References