Security News > 2020 > November > EA Games' Origin client contained privilege escalation vuln that anyone with user-grade access could exploit
A British infosec outfit spotted a privilege escalation vulnerability in EA Games' Origin client after discovering the software was hunting for an absent DLL file when users opened it.
Nettitude found the priv-esc after researcher Tom Wilson fired up Origin and ran Process Monitor over it to see what Origin was calling when it ran.
As Nettitude's Rob Bone told The Register: "The crux is Origin itself tries to load a binary from a path that doesn't exist. It's most likely that it does exist under dev boxes but was not trimmed from the final polished product."
Origin had about 30 million users, according to a public financial filings by Electronic Arts posted some eight years ago.
Gamers should confirm they're running version 10.5.86 or later to ensure the Origin client is patched against this vuln.