Search criteria
18 vulnerabilities found for origin by ea
FKIE_CVE-2020-27708
Vulnerability from fkie_nvd - Published: 2020-11-02 21:15 - Updated: 2024-11-21 05:21
Severity ?
Summary
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "FE33663B-A4D4-4560-AB40-8696BDBB0FDB",
"versionEndIncluding": "10.5.86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "3412F0B0-9574-48D8-AA89-2BA6BAF37239",
"versionEndIncluding": "10.5.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en Origin Client que podr\u00eda permitir a un usuario no administrativo elevar su acceso a Administrator o System.\u0026#xa0;Una vez que el usuario ha obtenido un acceso elevado, ellos pueden ser capaces de tomar el control del sistema y llevar a cabo acciones que de otra manera estar\u00edan reservadas para usuarios con privilegios elevados o administradores del sistema"
}
],
"id": "CVE-2020-27708",
"lastModified": "2024-11-21T05:21:40.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-02T21:15:29.773",
"references": [
{
"source": "secure@ea.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"sourceIdentifier": "secure@ea.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-19741
Vulnerability from fkie_nvd - Published: 2020-02-20 16:15 - Updated: 2024-11-21 04:35
Severity ?
Summary
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "CEDBB112-07E8-42F6-9580-2FE2DB63E6DF",
"versionEndExcluding": "10.5.56.33908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D104148B-CBE0-445C-85DB-E9E3784729C7",
"versionEndExcluding": "10.5.56.33908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client\u0027s executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges."
},
{
"lang": "es",
"value": "Electronic Arts Origin versi\u00f3n 10.5.55.33574, es vulnerable a una escalada de privilegios local debido a una manipulaci\u00f3n arbitraria de la DACL de directorios, un problema diferente de CVE-2019-19247 y CVE-2019-19248. Cuando el archivo Origin.exe se conecta a la tuber\u00eda llamada OriginClientService, el servicio privilegiado verifica el archivo ejecutable del cliente en lugar de su proceso en memoria (que puede ser significativamente diferente del archivo ejecutable debido, por ejemplo, a una inyecci\u00f3n de DLL). Los datos transmitidos por medio de la tuber\u00eda son cifrados usando una clave est\u00e1tica. En lugar de enganchar la comunicaci\u00f3n de la tuber\u00eda directamente por medio de la funci\u00f3n WriteFileEx(), esto puede ser omitido enganchando la funci\u00f3n EVP_EncryptUpdate() de la biblioteca libeay32.dll. La tuber\u00eda toma el comando CreateDirectory para crear un directorio y ajustar la DACL del directorio. Las llamadas a esta funci\u00f3n pueden ser interceptadas, el directorio y la DACL pueden ser reemplazadas y la DACL manipulada es escrita. La escritura arbitraria de la DACL es lograda a\u00fan m\u00e1s mediante la creaci\u00f3n de un enlace f\u00edsico en un directorio controlado por el usuario que apunta (por ejemplo) a un binario de servicio. La DACL es entonces escrita en este binario de servicio, lo que resulta en una escalada de privilegios."
}
],
"id": "CVE-2019-19741",
"lastModified": "2024-11-21T04:35:17.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-20T16:15:11.390",
"references": [
{
"source": "cve@mitre.org",
"url": "https://medium.com/%40tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://medium.com/%40tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-19248
Vulnerability from fkie_nvd - Published: 2019-12-12 14:15 - Updated: 2024-11-21 04:34
Severity ?
Summary
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client | Mitigation, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "81E5EF20-9A62-4761-9F5A-1CC629B4FEF2",
"versionEndIncluding": "10.5.55.33574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "61A6BE36-3600-4AF4-A164-AE59A2284274",
"versionEndIncluding": "10.5.55.33574",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2)."
},
{
"lang": "es",
"value": "Electronic Arts Origin versiones hasta 10.5.x, permite una Elevaci\u00f3n de Privilegios (problema 2 de 2)."
}
],
"id": "CVE-2019-19248",
"lastModified": "2024-11-21T04:34:24.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-12T14:15:16.617",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-19247
Vulnerability from fkie_nvd - Published: 2019-12-12 14:15 - Updated: 2024-11-21 04:34
Severity ?
Summary
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "E7293D8C-151E-4C69-A6EB-F009109C8BBB",
"versionEndIncluding": "10.5.56.33908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "13291E14-AF8F-4CA4-A3A0-AC96C4FB62BA",
"versionEndIncluding": "10.5.56.33908",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2)."
},
{
"lang": "es",
"value": "Electronic Arts Origin versiones hasta 10.5.x, permite una Elevaci\u00f3n de Privilegios problema 1 de 2)."
}
],
"id": "CVE-2019-19247",
"lastModified": "2024-11-21T04:34:24.513",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-12T14:15:16.540",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-12828
Vulnerability from fkie_nvd - Published: 2019-06-14 20:29 - Updated: 2024-11-21 04:23
Severity ?
Summary
An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ea:origin:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A015C076-880E-47CC-BFBF-5D59D2CEE503",
"versionEndExcluding": "10.5.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share."
},
{
"lang": "es",
"value": "Fue encontrado un problema en Origin de Electronic Arts anterior a versi\u00f3n 10.5.39. Debido a un saneamiento inapropiado de los esquemas URI origin:// y origin2://, es posible inyectar argumentos adicionales en el proceso Origin y, finalmente, impulsar la ejecuci\u00f3n del c\u00f3digo cargando un plugin Qt de puerta trasera (backdoor) remotamente por medio del argumento platformpluginpath suministrado con una red compartida de Windows."
}
],
"id": "CVE-2019-12828",
"lastModified": "2024-11-21T04:23:40.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-14T20:29:00.277",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"source": "cve@mitre.org",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-11354
Vulnerability from fkie_nvd - Published: 2019-04-19 22:29 - Updated: 2024-11-21 04:20
Severity ?
Summary
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ea:origin:10.5.36:*:*:*:*:windows:*:*",
"matchCriteriaId": "F34F83F5-9849-4898-9B53-4FA53E5CCB04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication."
},
{
"lang": "es",
"value": "El cliente de Electronic Arts (EA) Origin versi\u00f3n 10.5.36 en Windows permite la inyecci\u00f3n de plantillas en el par\u00e1metro title del controlador URI de Origin2. Esto se puede utilizar para escapar del entorno limitado AngularJS subyacente y lograr la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de una direcci\u00f3n URL origin2://game/launch para la comunicaci\u00f3n QtApplication QDesktopServices."
}
],
"id": "CVE-2019-11354",
"lastModified": "2024-11-21T04:20:55.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-19T22:29:00.233",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-27708 (GCVE-0-2020-27708)
Vulnerability from cvelistv5 – Published: 2020-10-30 16:23 – Updated: 2024-08-04 16:18
VLAI?
Summary
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Origin",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "10.5.86 (or earlier)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-30T16:23:56",
"orgId": "442d7a9f-d735-4edc-91a9-bdd618cbff51",
"shortName": "EA"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@ea.com",
"ID": "CVE-2020-27708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Origin",
"version": {
"version_data": [
{
"version_value": "10.5.86 (or earlier)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client",
"refsource": "MISC",
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "442d7a9f-d735-4edc-91a9-bdd618cbff51",
"assignerShortName": "EA",
"cveId": "CVE-2020-27708",
"datePublished": "2020-10-30T16:23:56",
"dateReserved": "2020-10-26T00:00:00",
"dateUpdated": "2024-08-04T16:18:45.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19741 (GCVE-0-2019-19741)
Vulnerability from cvelistv5 – Published: 2020-02-20 15:44 – Updated: 2024-08-05 02:25
VLAI?
Summary
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client\u0027s executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T15:44:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client\u0027s executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27",
"refsource": "MISC",
"url": "https://medium.com/@tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19741",
"datePublished": "2020-02-20T15:44:15",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19248 (GCVE-0-2019-19248)
Vulnerability from cvelistv5 – Published: 2019-12-12 13:52 – Updated: 2024-08-05 02:09
VLAI?
Summary
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-12T13:52:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client",
"refsource": "CONFIRM",
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19248",
"datePublished": "2019-12-12T13:52:23",
"dateReserved": "2019-11-25T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19247 (GCVE-0-2019-19247)
Vulnerability from cvelistv5 – Published: 2019-12-12 13:51 – Updated: 2024-08-05 02:09
VLAI?
Summary
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-12T13:51:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client",
"refsource": "MISC",
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19247",
"datePublished": "2019-12-12T13:51:03",
"dateReserved": "2019-11-25T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12828 (GCVE-0-2019-12828)
Vulnerability from cvelistv5 – Published: 2019-06-14 19:53 – Updated: 2024-08-04 23:32
VLAI?
Summary
An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:55.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T14:18:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/",
"refsource": "MISC",
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
},
{
"name": "https://www.youtube.com/watch?v=E9vCx9KsF3c",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"name": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/",
"refsource": "MISC",
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"name": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12828",
"datePublished": "2019-06-14T19:53:37",
"dateReserved": "2019-06-14T00:00:00",
"dateUpdated": "2024-08-04T23:32:55.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11354 (GCVE-0-2019-11354)
Vulnerability from cvelistv5 – Published: 2019-04-19 21:29 – Updated: 2024-08-04 22:48
VLAI?
Summary
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-01T17:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.underdogsecurity.com/rce_in_origin_client/",
"refsource": "MISC",
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"name": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/",
"refsource": "MISC",
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"name": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php",
"refsource": "MISC",
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"name": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/",
"refsource": "MISC",
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"name": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604",
"refsource": "MISC",
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"name": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien",
"refsource": "MISC",
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"name": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client",
"refsource": "MISC",
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"name": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942",
"refsource": "MISC",
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"name": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/",
"refsource": "MISC",
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
},
{
"name": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html",
"refsource": "MISC",
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"name": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"name": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11354",
"datePublished": "2019-04-19T21:29:05",
"dateReserved": "2019-04-19T00:00:00",
"dateUpdated": "2024-08-04T22:48:09.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-27708 (GCVE-0-2020-27708)
Vulnerability from nvd – Published: 2020-10-30 16:23 – Updated: 2024-08-04 16:18
VLAI?
Summary
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Origin",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "10.5.86 (or earlier)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-30T16:23:56",
"orgId": "442d7a9f-d735-4edc-91a9-bdd618cbff51",
"shortName": "EA"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@ea.com",
"ID": "CVE-2020-27708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Origin",
"version": {
"version_data": [
{
"version_value": "10.5.86 (or earlier)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client",
"refsource": "MISC",
"url": "https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "442d7a9f-d735-4edc-91a9-bdd618cbff51",
"assignerShortName": "EA",
"cveId": "CVE-2020-27708",
"datePublished": "2020-10-30T16:23:56",
"dateReserved": "2020-10-26T00:00:00",
"dateUpdated": "2024-08-04T16:18:45.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19741 (GCVE-0-2019-19741)
Vulnerability from nvd – Published: 2020-02-20 15:44 – Updated: 2024-08-05 02:25
VLAI?
Summary
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client\u0027s executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T15:44:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client\u0027s executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27",
"refsource": "MISC",
"url": "https://medium.com/@tobiasgyoerfi/ea-origin-10-5-55-33574-createdirectory-arbitrary-dacl-write-privilege-escalation-cve-2019-19741-5f18adfabb27"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19741",
"datePublished": "2020-02-20T15:44:15",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19248 (GCVE-0-2019-19248)
Vulnerability from nvd – Published: 2019-12-12 13:52 – Updated: 2024-08-05 02:09
VLAI?
Summary
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-12T13:52:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client",
"refsource": "CONFIRM",
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19248",
"datePublished": "2019-12-12T13:52:23",
"dateReserved": "2019-11-25T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19247 (GCVE-0-2019-19247)
Vulnerability from nvd – Published: 2019-12-12 13:51 – Updated: 2024-08-05 02:09
VLAI?
Summary
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-12T13:51:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client",
"refsource": "MISC",
"url": "https://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19247",
"datePublished": "2019-12-12T13:51:03",
"dateReserved": "2019-11-25T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12828 (GCVE-0-2019-12828)
Vulnerability from nvd – Published: 2019-06-14 19:53 – Updated: 2024-08-04 23:32
VLAI?
Summary
An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:55.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T14:18:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/",
"refsource": "MISC",
"url": "https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/"
},
{
"name": "https://www.youtube.com/watch?v=E9vCx9KsF3c",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=E9vCx9KsF3c"
},
{
"name": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/",
"refsource": "MISC",
"url": "https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-574/"
},
{
"name": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12828",
"datePublished": "2019-06-14T19:53:37",
"dateReserved": "2019-06-14T00:00:00",
"dateUpdated": "2024-08-04T23:32:55.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-11354 (GCVE-0-2019-11354)
Vulnerability from nvd – Published: 2019-04-19 21:29 – Updated: 2024-08-04 22:48
VLAI?
Summary
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-01T17:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.underdogsecurity.com/rce_in_origin_client/",
"refsource": "MISC",
"url": "https://blog.underdogsecurity.com/rce_in_origin_client/"
},
{
"name": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/",
"refsource": "MISC",
"url": "https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/"
},
{
"name": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php",
"refsource": "MISC",
"url": "http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php"
},
{
"name": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/",
"refsource": "MISC",
"url": "https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/"
},
{
"name": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604",
"refsource": "MISC",
"url": "https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604"
},
{
"name": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien",
"refsource": "MISC",
"url": "https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien"
},
{
"name": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client",
"refsource": "MISC",
"url": "https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client"
},
{
"name": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942",
"refsource": "MISC",
"url": "https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942"
},
{
"name": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/",
"refsource": "MISC",
"url": "https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/"
},
{
"name": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html",
"refsource": "MISC",
"url": "https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html"
},
{
"name": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html"
},
{
"name": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11354",
"datePublished": "2019-04-19T21:29:05",
"dateReserved": "2019-04-19T00:00:00",
"dateUpdated": "2024-08-04T22:48:09.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}