CVE-2024-4978
Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability
CVSS
—
No CVSS
EPSS
26.9%
p98
KEV
YES
May 29, 2024
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Justice AV Solutions / Viewer
Vulnerability
Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability
Added to KEV
May 29, 2024
Remediate by
Jun 19, 2024
Known ransomware use
No
Summary description
Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
Please follow the vendor’s instructions as outlined in the public statements at https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation and https://www.javs.com/downloads; https://nvd.nist.gov/vuln/detail/CVE-2024-4978
No related CVEs by CWE or product.