EIP-2026-117125

PRE-CVE

Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117125. PoCs published by LiquidWorm.

AI-analyzed exploit summary This writeup describes two privilege escalation vulnerabilities in the Electronic Arts Origin Client (versions 9.5.5.2850 and earlier). The first involves improper file permissions allowing binary replacement, while the second is an unquoted service path issue. Both can lead to arbitrary code execution with SYSTEM privileges.

Description

Electronic Arts Origin Client 9.5.5 - Multiple Privilege Escalation Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/36188

View Code ZIP pw:eip

This writeup describes two privilege escalation vulnerabilities in the Electronic Arts Origin Client (versions 9.5.5.2850 and earlier). The first involves improper file permissions allowing binary replacement, while the second is an unquoted service path issue. Both can lead to arbitrary code execution with SYSTEM privileges.

Classification

Writeup 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Electronic Arts Origin Client 9.5.5.2850 and earlier

Auth required

Prerequisites: Local user access · Ability to write to the Origin installation directory

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026