Bug in EA’s Origin client left gamers open to attacks

The patch for the remote code execution vulnerability is already available, so don’t hold off on installing it

Electronic Arts (EA) has fixed a security flaw in the Windows version of its gaming client Origin that allowed attackers to remotely execute code on an affected computer.

The vulnerability was discovered by Dominik Penner and Daley Bee of Underdog Security, who also created and shared proof-of-concept code with TechCrunch.

The demo shows how Origin could be tricked into popping open the built-in Windows Calculator app. The same technique could be used to launch any app, with the same level of privileges as the user. Worse, combined with PowerShell commands, an attacker could execute various malicious payloads on the victim’s machine, according to the research duo.

The exploit takes advantage of Origin’s URL scheme that, as TechCrunch notes, “allows gamers to open the app and load a game from a web page by clicking a link with origin:// in the address”.
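To illustrate the class of flaw described here, the following Python snippet (added to this article, not Origin's own code) contrasts a custom URI-scheme handler that pastes link parameters straight into a command line with one that allow-lists the action and parameters and builds an argument vector without a shell. The `origin://game/launch?offerIds=...` shape, the parameter names and the `launcher.exe` name are assumptions for illustration.

```python
"""Custom URI-scheme handler: unsafe string building vs. hardened dispatch.

Added example; the URI shape, parameter names and launcher are assumed.
"""
import re
from typing import List, Optional
from urllib.parse import parse_qs, urlsplit

ALLOWED_ACTIONS = {"game"}                       # assumed URI "host" (action) allow-list
ALLOWED_PARAMS = {"offerIds", "autoDownload"}    # assumed parameter allow-list
OFFER_ID_RE = re.compile(r"[A-Za-z0-9_:-]{1,64}")  # assumed ID format
BOOL_VALUES = {"0", "1", "true", "false"}


def unsafe_command(uri: str) -> str:
    """Vulnerable pattern: data from the link lands in a shell command string.

    Whatever the browser hands over after 'origin://' is interpolated
    unchecked, so shell metacharacters in the value survive untouched.
    """
    params = parse_qs(urlsplit(uri).query)
    value = params.get("offerIds", [""])[0]
    return 'launcher.exe --offer "%s"' % value   # would be run through a shell


def safe_argv(uri: str) -> Optional[List[str]]:
    """Hardened pattern: validate scheme, action, keys and values, then
    build an argv list for subprocess.run(argv) with no shell involved.
    Returns None (reject) on anything outside the allow-list."""
    parts = urlsplit(uri)
    if parts.scheme != "origin" or parts.netloc not in ALLOWED_ACTIONS:
        return None
    if parts.path not in ("", "/launch"):
        return None
    params = parse_qs(parts.query, keep_blank_values=True)
    if set(params) - ALLOWED_PARAMS:             # unknown keys are rejected
        return None
    argv = ["launcher.exe"]
    for offer in params.get("offerIds", []):
        if not OFFER_ID_RE.fullmatch(offer):     # strict value format
            return None
        argv += ["--offer", offer]
    for flag in params.get("autoDownload", []):
        if flag not in BOOL_VALUES:
            return None
        argv += ["--auto-download", flag]
    return argv
```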

In their demonstration, the researchers click a malicious link. However, in some cases the victim doesn’t even need to click anything. This is because the link can also be triggered “if the malicious code was combined with a cross-site scripting exploit that ran automatically in the browser”.

The loophole can also be exploited to break into gamers’ accounts, as it makes it possible to steal a gamer’s account access token using a single line of code.

It’s unclear if any gamers were actually attacked using the flaw, for which the fix was rolled out on Monday.

The Origin app on Windows is used by tens of millions of gamers. Origin’s macOS client was not affected by this vulnerability.

17 Apr 2019 – 05:38PM

via WeLiveSecurity https://www.welivesecurity.com
April 17, 2019 at 05:46PM
