What is the severity of CVE-2020-27708?

CVE-2020-27708 has a high severity rating due to its potential for unauthorized elevation of privileges.

How do I fix CVE-2020-27708?

To fix CVE-2020-27708, users should update the Origin Client to version 10.5.87 or later.

What systems are affected by CVE-2020-27708?

CVE-2020-27708 affects both macOS and Windows versions of the Electronic Arts Origin Client up to version 10.5.86.

What can an attacker do if they exploit CVE-2020-27708?

If exploited, an attacker could elevate their access to Administrator or System level, allowing them to control the system.

Is CVE-2020-27708 a common vulnerability?

CVE-2020-27708 is considered critical as it provides a potential pathway for unauthorized access in widely used gaming software.

Vulnerability/
CVE-2020-27708

high

7.8

CWE

427

30/10/2020

4/8/2024

CVE-2020-27708

First published: Fri Oct 30 2020(Updated: )

A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators.

Credit: secure@ea.com

Affected Software	Affected Version	How to fix
Electronic Arts Origin	<=10.5.86
Electronic Arts Origin	<=10.5.86

Never miss a vulnerability like this again

Reference Links

https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client

Frequently Asked Questions

What is the severity of CVE-2020-27708?
CVE-2020-27708 has a high severity rating due to its potential for unauthorized elevation of privileges.
How do I fix CVE-2020-27708?
To fix CVE-2020-27708, users should update the Origin Client to version 10.5.87 or later.
What systems are affected by CVE-2020-27708?
CVE-2020-27708 affects both macOS and Windows versions of the Electronic Arts Origin Client up to version 10.5.86.
What can an attacker do if they exploit CVE-2020-27708?
If exploited, an attacker could elevate their access to Administrator or System level, allowing them to control the system.
Is CVE-2020-27708 a common vulnerability?
CVE-2020-27708 is considered critical as it provides a potential pathway for unauthorized access in widely used gaming software.

agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/author
agent/last-modified-date
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ea
canonical/electronic arts origin
version/electronic arts origin/10.5.86

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2020-27708?
CVE-2020-27708 has a high severity rating due to its potential for unauthorized elevation of privileges.
How do I fix CVE-2020-27708?
To fix CVE-2020-27708, users should update the Origin Client to version 10.5.87 or later.
What systems are affected by CVE-2020-27708?
CVE-2020-27708 affects both macOS and Windows versions of the Electronic Arts Origin Client up to version 10.5.86.
What can an attacker do if they exploit CVE-2020-27708?
If exploited, an attacker could elevate their access to Administrator or System level, allowing them to control the system.
Is CVE-2020-27708 a common vulnerability?
CVE-2020-27708 is considered critical as it provides a potential pathway for unauthorized access in widely used gaming software.