CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 19, 2024
Description
Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.
EPSS — Exploit Probability
Higher than 94.3% of all CVEs
Required Action
Please follow the vendor’s instructions as outlined in the public statements at https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation and https://www.javs.com/downloads; https://nvd.nist.gov/vuln/detail/CVE-2024-4978
Risk Assessment
ELEVATEDDetails
- Severity
- High
- EPSS
- 14.1%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 0
Timeline
Published
May 29, 2024
Added to KEV
May 29, 2024
Remediation Due
Jun 19, 2024