Justice AV Solutions Viewer Software Used In Apparent Supply Chain Attack CVE-2024-4978

Justice AV Solutions (JAVS) is a U.S.-based company that provides digital audio-visual recording solutions for various environments including courtrooms and correctional facilities with over 10000 installations globally. Rapid7 identified a significant security risk with JAVS Viewer v8.3.7 which contains a backdoored installer that can give attackers full control over systems. Users with this version should immediately re-image affected systems reset credentials and upgrade to version 8.3.8 or higher. The issue came to light during an investigation initiated by Rapid7 on May 10 2024. The investigation revealed that the malware infection originated from a file named JAVS Viewer Setup 8.3.7.250-1.exe downloaded from the official JAVS site on March 5th. This installer was signed with an unusual Authenticode signature and included the binary fffmpeg.exe which executed encoded PowerShell scripts indicating a backdoor.