CVE-2024-4978

Malicious Code in Justice AV Solutions (JAVS) Viewer

Basic Information

CVE State: PUBLISHED
Reserved Date: May 15, 2024
Published Date: May 23, 2024
Last Updated: August 01, 2024
Vendor: Justice AV Solutions
Product: Viewer
Description: Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands.

CVSS Scores

CVSS v4.0

8.7 - HIGH

Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CVSS v3.1

8.4 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2024-05-29 00:00:00 UTC) Source

References

https://twitter.com/2RunJack2/status/1775052981966377148 https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/ https://www.javs.com/downloads/

Known Exploited Vulnerability Information

Source	Added Date
CISA	2024-05-29 00:00:00 UTC