Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/11 12:0 a.m.28 views

Justice AV Solutions JVS Viewer Embedded Malicious Code (CVE-2024-4978)

The version of Justice AV Solutions JVS Viewer installed on the remote host is 8.3.7. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4978 advisory. - Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpect...

8.7CVSS6.2AI score0.26937EPSS
Exploits1References3
CISA
CISA
added 2024/05/29 12:0 p.m.14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4978 Justice AV Solutions JAVS Viewer Installer Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

8.7CVSS7.2AI score0.26937EPSS
In wildExploits1References6
Circl
Circl
added 2024/05/23 7:33 p.m.8 views

CVE-2024-4978

creationtimestamp| type| source ---|---|--- 2024-05-23 19:33:17+00:00| seen| https://t.me/HackingInsights/867 2024-05-24 12:21:47+00:00| seen| Telegram/35Z3j61Eiun51LjyBaXAW69rvddYyTcdJWUO-G1bZQXEY34 2024-05-24 13:34:06+00:00| seen| https://t.me/KomunitiSiber/1997 2024-05-24 14:30:05+00:00| seen|...

8.7CVSS6AI score0.26937EPSS
Exploits1References10
Rapid7 Blog
Rapid7 Blog
added 2024/05/23 1:0 p.m.32 views

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

The following Rapid7 team members contributed to this blog: Ipek Solak, Thomas Elkins, Evan McCann, Matthew Smith, Jake McMahon, Tyler McGraw, Ryan Emmons, Stephen Fewer, and John Fenninger Overview Justice AV Solutions JAVS is a U.S.-based company specializing in digital audio-visual recording...

8.7CVSS8.8AI score0.26937EPSS
Exploits1
NVD
NVD
added 2024/05/23 2:15 a.m.23 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS8.4AI score0.26937EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/23 1:56 a.m.17 views

CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS7AI score0.26937EPSS
Exploits1References3
CVE
CVE
added 2024/05/23 1:56 a.m.240 views

CVE-2024-4978

CVE-2024-4978 affects Justice AV Solutions (JAVS) Viewer v8.3.7 installed via the 8.3.7.250-1 bundle. The advisory documents a malicious binary (fffmpeg.exe) embedded in the installer and signed with an unexpected Vanguard Tech Limited Authenticode certificate. When executed, the binary can estab...

8.7CVSS8.3AI score0.26937EPSS
In wildExploits1References4Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/05/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-4978

Justice AV Solutions JAVS Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4. When run, this creates a backdoor connection to a malicious C2 server...

8.7CVSS5.8AI score0.26937EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2024/05/23 12:0 a.m.23 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands. Recent assessments: Assessed Attacker...

8.7CVSS7AI score0.26937EPSS
In wildExploits1References4
Rows per page
Query Builder