Backdoor in Justice AV Solutions Viewer software



Risk: Critical
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2024-4978
CWE-ID: CWE-506
Exploitation vector: Network
Public exploit: This vulnerability is being exploited in the wild.
Vulnerable software: JAVS Viewer (Client/Desktop applications / Multimedia software)
Vendor: Justice AV Solutions

Security Bulletin

This security bulletin contains one critical risk vulnerability.

1) Embedded malicious code (backdoor)

EUVDB-ID: #VU89806

Risk: Critical

CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2024-4978

CWE-ID: CWE-506 - Embedded Malicious Code

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to the presence of embedded malicious functionality in the application setup file "Justice AV Solutions Viewer Setup 8.3.7.250-1" downloaded from the official website. A remote attacker can gain unauthorized access to the system.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Install the latest version from the vendor's website.

Vulnerable software versions

JAVS Viewer: 8.3.7

External links

http://twitter.com/2RunJack2/status/1775052981966377148
http://github.com/advisories/GHSA-wf54-f8v9-v72v
http://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.


