CVE-2024-4978
Justice AV Solutions
KEV
- Vendors: Justice AV Solutions
Please follow the vendor’s instructions as outlined in the public statements at https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation and https://www.javs.com/downloads; https://nvd.nist.gov/vuln/detail/CVE-2024-4978
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No items for this vendor.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
How to fix CVE-2024-4978
CVE-2024-4978 is a unknown severity vulnerability affecting Justice AV Solutions the affected product.
Description: Please follow the vendor’s instructions as outlined in the public statements at https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation and https://www.javs.com/downloads; https://nvd.nist.gov/vuln/detail/CVE-2024-4978 Related CVE by CWENo related CWE found.Top CVE for VendorNo items for this vendor.Recently Exploited Similar VulnerabilitiesNo recent KEV-listed items for this vendor/product.
Exploit Difficulty: HARD
⏱️ Time to exploit: > 4 hours
🛠️ Required skills: Advanced security expertise
💰 Public exploits: Rare or not public
How to Fix:
- Check if you're running the affected product
- Update to the latest patched version
- If patching is not immediately possible: restrict network exposure, apply least-privilege access
- Test the fix in a staging environment first
- Review logs for signs of exploitation
- Monitor for IOCs (Indicators of Compromise)
- Enable automatic security updates
- Set up vulnerability monitoring
- Review and harden security configurations
Vendor Advisory: https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation
Description: Please follow the vendor’s instructions as outlined in the public statements at https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation and https://www.javs.com/downloads; https://nvd.nist.gov/vuln/detail/CVE-2024-4978 Related CVE by CWENo related CWE found.Top CVE for VendorNo items for this vendor.Recently Exploited Similar VulnerabilitiesNo recent KEV-listed items for this vendor/product.
Exploit Difficulty: HARD
⏱️ Time to exploit: > 4 hours
🛠️ Required skills: Advanced security expertise
💰 Public exploits: Rare or not public
How to Fix:
1 Identify affected systems
- Check if you're running the affected product
2 Immediate actions
- Update to the latest patched version
- If patching is not immediately possible: restrict network exposure, apply least-privilege access
3 Verification
- Test the fix in a staging environment first
- Review logs for signs of exploitation
- Monitor for IOCs (Indicators of Compromise)
4 Long-term prevention
- Enable automatic security updates
- Set up vulnerability monitoring
- Review and harden security configurations
Vendor Advisory: https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation
Exploit Difficulty Assessment
HARD
Time to Exploit: > 4 hours
Skills Required: Advanced security expertise
Public Exploits: Rare or not public
KEV Status: This vulnerability is actively exploited in the wild!
Vulnerability Timeline
Timeline information not available for this CVE.
Detection Rules & IOCs
No specific detection rules generated for this vulnerability type.