[Japanese]
|
JVNDB-2025-007978
|
Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)
|
Trend Micro Incorporated has released a security update for Trend Micro Password Manager for Windows.
Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
|
|
|
Trend Micro, Inc.
- Password Manager for Windows version 5.0.0.1266 and earlier - CVE-2025-48443
- Password Manager for Windows version 5.8.0.1327 and earlier - CVE-2025-52837
|
|
* Arbitrary files may be deleted during the product installation due to a windows shortcut following (.LNK) vulnerability (CWE-64, CVE-2025-48443)
* Arbitrary files and folders may be deleted and privileges may be escalated due to a windows shortcut following (.LNK) vulnerability (CWE-64, CVE-2025-52837)
|
For CVE-2025-48443:
[Use the latest installer]
Use the latest installer provided by the developer.
For CVE-2025-52837:
[Update the software]
Update the software to the latest version.
According to the developer, the updates are automatically applied via ActiveUpdate.
|
Trend Micro, Inc.
|
- Windows Shortcut Following (.LNK)(CWE-64) [Other]
|
- CVE-2025-48443
- CVE-2025-52837
|
- JVN : JVNVU#91134474
|
- [2025/07/04]
Web page was published
|