CVE-2024-4978

Summary

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands.

Affected Software

VendorProductVersion RangeStatus
Justice AV SolutionsViewer8.3.7.250affected

Weaknesses

  • CWE-506: CWE-506 Embedded Malicious Code

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

CVE Program Container

Additional References

References