CVE-2024-57276

Name of the Vulnerable Software and Affected Versions Dragon Age Origins version 1.05

Description The DAUpdaterSVC service in Dragon Age Origins contains an unquoted service path issue, allowing users to modify the executable file path used by the service. This service runs with NT AUTHORITYSYSTEM privileges, enabling attackers to escalate privileges by replacing or placing a malicious executable in the service path.

Recommendations For Dragon Age Origins version 1.05, consider restricting access to the DAUpdaterSVC service to minimize the risk of exploitation. As a temporary workaround, avoid using the service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.