The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.
References
Configurations
History
18 Apr 2022, 17:08
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-74 | |
References | (MISC) https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client - Press/Media Coverage, Third Party Advisory | |
References | (MISC) https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html - Press/Media Coverage, Third Party Advisory | |
References | (MISC) https://blog.underdogsecurity.com/rce_in_origin_client/ - Broken Link | |
References | (MISC) http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien - Press/Media Coverage, Third Party Advisory | |
References | (MISC) https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/ - Press/Media Coverage, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2019-04-19 22:29
Updated : 2024-02-04 20:20
NVD link : CVE-2019-11354
Mitre link : CVE-2019-11354
CVE.ORG link : CVE-2019-11354
JSON object : View
Products Affected
ea
- origin
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')