Striae Hash Validation Vulnerability Allowing Integrity Bypass

Vulnerability

A high-severity integrity bypass vulnerability has been identified in Striae, a digital comparison tool for firearms examiners, affecting versions prior to 3.0.0. The vulnerability arises from hash-only validation: the integrity check trusted the hash fields stored in the manifest, which could be altered along with the package content they were meant to protect. This flaw allowed tampered confirmation packages to pass integrity checks, undermining the reliability of digital confirmations as a safeguard for immutability and forensic chain-of-custody control.

Impact

Exploitation of this vulnerability allowed confirmation package integrity to be bypassed, as both content and hash values could be modified within the same trust boundary. This meant that an attacker with access to an exported package could alter confirmation data, recompute hashes, and still pass hash-only integrity checks. Users relying on digital confirmations for sensitive workflows could have been misled about the authenticity and integrity of their data.

Remediation

Users are advised to upgrade to Striae version 3.0.0 or later, where this vulnerability has been patched. Version 3.0.0 introduces server-issued asymmetric signatures for forensic manifests, canonical payload signature verification, and a fail-closed behavior for missing or invalid signatures. Temporary mitigations include treating hash-only validation as a tamper indicator, restricting package exchanges to trusted channels, requiring out-of-band reviewer attestation for sensitive confirmations, and pausing imports from untrusted sources until the upgrade is completed.

Added: Mar 11, 2026, 5:21 PM
Updated: Mar 11, 2026, 5:21 PM

Vulnerability Rating

Custom Algorithm

spread:         0.0
impact:         2.5
exploitability: 4.2
remediation:    0.0
relevance:      3.8
threat:         0.0
urgency:        2.9
incentive:      0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.