NOTICE

Some features on this website won't work without JavaScript such as theme toggle, search bar, and copy article.

EA Origin Remote Command Execution

HIGH CVE-2019-12828 June 14, 2019

Dominik Penner @zer0pwn

DESCRIPTION

Another critical vulnerability in EA Origin enables remote command execution through malicious game URLs.

DETAILS

EA Origin contains another critical vulnerability that allows remote command execution through specially crafted game URLs. An attacker could create a malicious URL that, when processed by the Origin client, would execute arbitrary commands on the system.

AFFECTING

EA Origin • 10.5.39

REFERENCES

https://www.ea.com/security/security-bulletins/origin-remote-code-execution-vulnerability-2