← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-4978 — Actively Exploited: Viewer (Justice AV Solutions)

Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.

CVE IDCVE-2024-4978
VendorJustice AV Solutions
ProductViewer
Vulnerability nameJustice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability
Date added2024-05-29
Remediation due2024-06-19
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionJustice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421a4ad2615941b177b6ec4ab5e239c14e62af2ab07c6df1741e2a62223223c4). When run, this creates a backdoor connection to a malicious C2 server.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →