CVE-2019-11354

The client in Electronic Arts EA Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices...

CVE-2019-12828

An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via t...

EUVD-2019-8873

Malware in sbrugna...

EUVD-2019-8874

Malware in sbrugna...

EUVD-2013-4712

Malware in sbrugna...

CVE-2019-19741

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...

CVE-2019-19247

Electronic Arts Origin through 10.5.x allows Elevation of Privilege issue 1 of 2...

CVE-2019-19248

Electronic Arts Origin through 10.5.x allows Elevation of Privilege issue 2 of 2...

CVE-2013-4867

Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking...

CVE-2024-57276

In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges,...

CVE-2024-57276

In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges,...

CVE-2024-57276

Dragon Age Origins 1.05 is affected by an unquoted service path in the DAUpdaterSVC service. The service runs under NT AUTHORITY\SYSTEM with insecure permissions, enabling local privilege escalation by replacing or placing a malicious executable in the service path. Connected sources consistently...

CVE-2024-57276

In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges,...

(0Day) Electronic Arts Origin Web Helper Service Link Following Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Electronic Arts Origin. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Web Helpe...

Game giant Electronic Arts is the latest victim of massive data breach

By Deeba Ahmed Electronic Arts EA has confirmed that hackers have stolen valuable information from the company, and around 780GB of data was compromised. This is a post from HackRead.com Read the original post: Game giant Electronic Arts is the latest victim of massive data breach...

Hackers Steal FIFA 21 Source Code, Tools in EA Breach

Hackers have breached computer game maker Electronic Arts EA and stolen source code and related tools for the company’s extensive game library, the company has confirmed. EA said it’s investigating “a recent incident of intrusion into our network where a limited amount of game source code and...

Electronic Arts Origin Client Remote Code Injection (CVE-2019-11354)

A template injection vulnerability exists in the Electronic Arts Origin Client. The vulnerability is due to improper validation of data in the title parameter. Successful exploitation could result in command execution on the target machine in the context of the application...

Electronic Arts Origin elevation of privilege vulnerability (CNVD-2020-13143)

Electronic Arts Origin is a game management platform from Electronic Arts. The platform includes features such as electronic software distribution, digital rights management, and a social networking system. A security vulnerability exists in Electronic Arts Origin version 10.5.55.33574. The...

CVE-2019-19741

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...

Design/Logic Flaw

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...