CVE-2024-4978
HIGH CISA KEVDescription
Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands.
CVSS v3.1 Score
CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| javs | javs_viewer |
References
Exploits
Frequently Asked Questions
What is CVE-2024-4978? +
How severe is CVE-2024-4978? +
What products are affected by CVE-2024-4978? +
How do I check if I'm vulnerable to CVE-2024-4978? +
Related Vulnerabilities
Prebid.js is a free and open source library for publishers to quickly implement header bidding. NPM users of prebid 10.9.2 …
DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm …
VestaCP commit a3f0fa1 (2018-05-31) up to commit ee03eff (2018-06-13) contain embedded malicious code that resulted in a supply-chain compromise. New …
xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, …
PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality …
Prebid Universal Creative (PUC) is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest …