What is the severity of CVE-2019-19741?

CVE-2019-19741 has been classified as a local privilege escalation vulnerability.

How does CVE-2019-19741 affect Electronic Arts Origin?

CVE-2019-19741 allows a local attacker to manipulate directory DACLs which can lead to privilege escalation on affected systems.

Which versions of Electronic Arts Origin are impacted by CVE-2019-19741?

CVE-2019-19741 affects Electronic Arts Origin versions up to but not including 10.5.56.33908 on both macOS and Windows platforms.

How do I fix CVE-2019-19741?

To mitigate CVE-2019-19741, update Electronic Arts Origin to version 10.5.56.33908 or later.

Is CVE-2019-19741 a widespread issue?

While CVE-2019-19741 is specific to Electronic Arts Origin, the potential for local privilege escalation makes it a concern for users of affected versions.

Vulnerability/
CVE-2019-19741

high

7.8

20/2/2020

5/8/2024

CVE-2019-19741

First published: Thu Feb 20 2020(Updated: )

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's executable file instead of its in-memory process (which can be significantly different from the executable file due to, for example, DLL injection). Data transmitted over the pipe is encrypted using a static key. Instead of hooking the pipe communication directly via WriteFileEx(), this can be bypassed by hooking the EVP_EncryptUpdate() function of libeay32.dll. The pipe takes the command CreateDirectory to create a directory and adjust the directory DACL. Calls to this function can be intercepted, the directory and the DACL can be replaced, and the manipulated DACL is written. Arbitrary DACL write is further achieved by creating a hardlink in a user-controlled directory that points to (for example) a service binary. The DACL is then written to this service binary, which results in escalation of privileges.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Electronic Arts Origin	<10.5.56.33908
Electronic Arts Origin	<10.5.56.33908

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-19741?
CVE-2019-19741 has been classified as a local privilege escalation vulnerability.
How does CVE-2019-19741 affect Electronic Arts Origin?
CVE-2019-19741 allows a local attacker to manipulate directory DACLs which can lead to privilege escalation on affected systems.
Which versions of Electronic Arts Origin are impacted by CVE-2019-19741?
CVE-2019-19741 affects Electronic Arts Origin versions up to but not including 10.5.56.33908 on both macOS and Windows platforms.
How do I fix CVE-2019-19741?
To mitigate CVE-2019-19741, update Electronic Arts Origin to version 10.5.56.33908 or later.
Is CVE-2019-19741 a widespread issue?
While CVE-2019-19741 is specific to Electronic Arts Origin, the potential for local privilege escalation makes it a concern for users of affected versions.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/references
agent/last-modified-date
agent/severity
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ea
canonical/electronic arts origin

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.