CVE-2020-27708
HIGHEA Origin < 10.5.86 - Uncontrolled Search Path Element
Title source: llmDescription
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators.
References (1)
Core 1
Core References
Exploit, Vendor Advisory x_refsource_misc
https://www.ea.com/security/news/easec-2020-002-elevation-of-privilege-vulnerability-in-origin-client
Scores
CVSS v3
7.8
EPSS
0.0058
EPSS Percentile
43.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-427
Status
published
Products (1)
ea/origin
< 10.5.86 (2 CPE variants)
Published
Nov 02, 2020
Tracked Since
Feb 18, 2026