CVE-2024-4978 is a vulnerability in Javs Viewer
Published on May 23, 2024
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands.
Known Exploited Vulnerability
This Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.
The following remediation steps are recommended / required by June 19, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Vulnerability Analysis
CVE-2024-4978 is exploitable with network access, requires user interaction and user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.7 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Products Associated with CVE-2024-4978
You can be notified by stack.watch whenever vulnerabilities like CVE-2024-4978 are published in these products:
What versions of Javs Viewer are vulnerable to CVE-2024-4978?
- Javs Viewer Version 8.3.7.250