CVE-2019-12828

Опубликовано: 14 июн. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Средний

Описание

An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.

Ссылки

http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html
https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/
Exploit
Press/Media Coverage
Third Party Advisory
https://www.youtube.com/watch?v=E9vCx9KsF3c
Exploit
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-19-574/
https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/153385/EA-Origin-Remote-Code-Execution.html
https://www.bleepingcomputer.com/news/security/qt5-based-gui-apps-susceptible-to-remote-code-execution/
Exploit
Press/Media Coverage
Third Party Advisory
https://www.youtube.com/watch?v=E9vCx9KsF3c
Exploit
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-19-574/
https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ea:origin:*:*:*:*:*:*:*:*

Версия до 10.5.39 (исключая)

EPSS

Процентиль: 94%

0.1356

Средний

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-19

Связанные уязвимости

GHSA-vv87-5f3g-cfw2