Lucene search
+L

9 matches found

nessus
nessus
added 2024/06/11 12:0 a.m.28 views

Justice AV Solutions JVS Viewer Embedded Malicious Code (CVE-2024-4978)

The version of Justice AV Solutions JVS Viewer installed on the remote host is 8.3.7. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4978 advisory. - Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpect...

8.7CVSS6.2AI score0.26937EPSS
Exploits1References3
cisa
cisa
added 2024/05/29 12:0 p.m.15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4978 Justice AV Solutions JAVS Viewer Installer Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

8.7CVSS7.2AI score0.26937EPSS
In wildExploits1References6
circl
circl
added 2024/05/23 7:33 p.m.8 views

CVE-2024-4978

creationtimestamp| type| source ---|---|--- 2024-05-23 19:33:17+00:00| seen| https://t.me/HackingInsights/867 2024-05-24 12:21:47+00:00| seen| Telegram/35Z3j61Eiun51LjyBaXAW69rvddYyTcdJWUO-G1bZQXEY34 2024-05-24 13:34:06+00:00| seen| https://t.me/KomunitiSiber/1997 2024-05-24 14:30:05+00:00| seen|...

8.7CVSS6AI score0.26937EPSS
Exploits1References10
rapid7blog
rapid7blog
added 2024/05/23 1:0 p.m.32 views

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

The following Rapid7 team members contributed to this blog: Ipek Solak, Thomas Elkins, Evan McCann, Matthew Smith, Jake McMahon, Tyler McGraw, Ryan Emmons, Stephen Fewer, and John Fenninger Overview Justice AV Solutions JAVS is a U.S.-based company specializing in digital audio-visual recording...

8.7CVSS8.8AI score0.26937EPSS
Exploits1
nvd
nvd
added 2024/05/23 2:15 a.m.23 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS8.4AI score0.26937EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2024/05/23 1:56 a.m.17 views

CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS7AI score0.26937EPSS
Exploits1References3
cve
cve
added 2024/05/23 1:56 a.m.241 views

CVE-2024-4978

CVE-2024-4978 affects Justice AV Solutions (JAVS) Viewer v8.3.7 installed via the 8.3.7.250-1 bundle. The advisory documents a malicious binary (fffmpeg.exe) embedded in the installer and signed with an unexpected Vanguard Tech Limited Authenticode certificate. When executed, the binary can estab...

8.7CVSS8.3AI score0.26937EPSS
In wildExploits1References4Affected Software1
vulncheck_kev
vulncheck_kev
added 2024/05/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-4978

Justice AV Solutions JAVS Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4. When run, this creates a backdoor connection to a malicious C2 server...

8.7CVSS5.8AI score0.26937EPSS
Exploits1References1
attackerkb
attackerkb
added 2024/05/23 12:0 a.m.23 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands. Recent assessments: Assessed Attacker...

8.7CVSS7AI score0.26937EPSS
In wildExploits1References4
Rows per page
Query Builder