CVE-2024-4978
Malicious Code in Justice AV Solutions (JAVS) Viewer
In short
The Justice AV Solutions Viewer installer version 8.3.7.250-1 contains malicious code that allows someone with system access to run unauthorized PowerShell commands. This is dangerous because it can compromise your computer's security and allow attackers to take control.
Technical detail
CVE-2024-4978 involves a trojanized installer for Justice AV Solutions Viewer that executes malicious payloads upon installation, signed with a fraudulent authenticode certificate. A privileged local or remote attacker can exploit this to execute arbitrary PowerShell commands with elevated privileges, bypassing application-level security controls.
Summary generated and translated by AI from the official description.
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands.
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Justice AV Solutions · ViewerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://twitter.com/2RunJack2/status/1775052981966377148https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4978https://www.javs.com/downloads/https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/