EA Play FIFA 23 F1™ 22 Madden NFL 23 Apex Legends Battlefield™ 2042 The Sims 4 Electronic Arts Home Electronics Arts Home Latest Games Coming Soon Free-To-Play EA SPORTS EA Originals Games Library EA app Deals PC PlayStation Xbox Nintendo Switch Mobile Pogo The EA app EA Play Competitive Gaming Playtesting Company Careers News Technology EA Studios EA Partners Our Commitments Positive Play People & Inclusive Culture Social Impact Environment Help Forums Player and Parental Tools Accessibility Press Investors Latest Games Coming Soon Free-To-Play EA SPORTS EA Originals Games Library EA app Deals PC PlayStation Xbox Nintendo Switch Mobile Pogo The EA app EA Play Competitive Gaming Playtesting Company Careers News Technology EA Studios EA Partners Our Commitments Positive Play People & Inclusive Culture Social Impact Environment Help Forums Player and Parental Tools Accessibility Press Investors

July Origin Security Update

By Adrian Stone, Sr. Director, EA Product Security

July 22, 2020

Today, we released an updated version of the Origin client to address a high severity security vulnerability. Andres Blanco and Joel Noguera of Immunity Inc confidentially worked with us through our Product Security Vulnerability Submission Program to address the issues identified in their reports.

If you have already logged into the Origin client, you likely have already been offered the update. It can also be directly downloaded here. A Security Advisory has been published with details on the vulnerability that was addressed by the update.

The issue (CVE-2020-15524) - which is now resolved - allowed a valid user with limited permissions to gain privileged-level access on computers that have Origin installed. At no time was there evidence of the vulnerability being used against our customers. If an attacker were to attempt to exploit this vulnerability, they would have needed to log in to the computer with a valid non-Administrator user account. They would then need to install a specially crafted program or execute code that modifies part of the software to obtain elevated access level.

Additionally, the team at Immunity also reported a second “Moderate” severity Information Disclosure issue (CVE-2020-13172), which does not require any action by customers and has been fixed. I also want to clarify that our policy is to release Security Advisories for Critical and High Severity vulnerabilities that require our customers to take action in order to address the issue. More information about how we classify security impact and severity can be found here.

We want to thank the security research community for the ongoing interactions, and are committed to continuing to work together to protect our players.

Related News

EA Security - Keeping Your EA Account Safe

Electronic Arts Inc.
Nov 6, 2024
EA Security - Keeping Your EA Account Safe

EA anticheat is leveling the playing field

Electronic Arts Inc.
Aug 22, 2024
EA anticheat is keeping games fair, fun, and secure for millions of players worldwide.

Keeping Things Fair with EA anticheat System for PC

Accessibility, Electronic Arts Inc.
Sep 13, 2022