CVE-2024-4978

Description

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands.

CVSS v3.1 Score

8.4

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild.

Added: May 29, 2024 Remediation due: Jun 19, 2024

Weakness Type (CWE)

CWE-506 CWE-506

Affected Products

Vendor	Product	Versions
javs	javs_viewer	All

References

Exploits

https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/ https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/

Other References

https://twitter.com/2RunJack2/status/1775052981966377148 https://www.javs.com/downloads/ https://twitter.com/2RunJack2/status/1775052981966377148 https://www.javs.com/downloads/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4978

Frequently Asked Questions

What is CVE-2024-4978? +

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands. It has a CVSS v3.1 base score of 8.4 (HIGH). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.

How severe is CVE-2024-4978? +

CVE-2024-4978 has a CVSS v3.1 score of 8.4 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

What products are affected by CVE-2024-4978? +

CVE-2024-4978 affects products from javs, specifically: javs_viewer. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-4978? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-59037

DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm …

CVE-2025-59038

Prebid.js is a free and open source library for publishers to quickly implement header bidding. NPM users of prebid 10.9.2 …

CVE-2025-59039

Prebid Universal Creative (PUC) is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest …

CVE-2025-59140

backlash parses collected strings with escapes. On 8 September 2025, the npm publishing account for backslash was taken over after …

CVE-2025-59141

simple-swizzle swizzles function arguments. On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing …

CVE-2025-59142

color-string is a parser and generator for CSS color strings. On 8 September 2025, the npm publishing account for color-string …