Security Vulnerabilities fixed in Origin 10.5.39

description-logoDescription

An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via the platformpluginpath argument supplied with a Windows network share.

affected-products-logoAffected Applications

Origin

CVE References

CVE-2019-12828