High severity7.3NVD Advisory· Published Jan 27, 2025· Updated Apr 15, 2026

CVE-2024-57276

Description

In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges, enabling attackers to escalate privileges by replacing or placing a malicious executable in the service path.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/yamerooo123/CVE/blob/main/CVE-2024-57276/Description.mdnvd
github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Dragon%20Age%20Origins/Description.mdnvd

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000