[Blog] Local Privilege Escalation in EA's Origin Clienthttps://enigma0x3.net/2019/12/10/cve-2019-19248-local-privilege-escalation-in-eas-origin-client/ …
-
-
Also, I'm not convinced that this vulnerability has been fixed in 10.5.56.33908. - Clean install of Origin 10.5.56.33908 - Limited user used - Hard link created - Link target (OriginWebHelperService.exe in this case) DACLS are clobbered to allow Everyone "Full control" ¯\_(ツ)_/¯pic.twitter.com/p8BF8ybawq
-
You have to enable Restricted User mode in the clienthttps://www.ea.com/security/news/easec-2019-001-elevation-of-privilege-vulnerability-in-origin-client …
- 1 more reply
New conversation -
-
-
Seems like the LocalService account description was written before the introduction of Mandatory Integrity Controls. Running a service as medium or low integrity would probably break a lot of stuff I guess
-
The LocalService account description was written on 05/30/2018. I would expect it to be accurate.pic.twitter.com/Qq5MDhxtWN
- 4 more replies
New conversation -
-
-
I’m pretty tapped on time, but I’ll take a look tonight. I see what you mean and at a glance, am confused as well
-
Apparently I don't understand how privileges work with the Network Service and Local Service accounts. Services running as either all have SYSTEM integrity levels. Yet have "minimum privileges".pic.twitter.com/bTEuCTPo98
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.