Improper Validation of Integrity Check Value

Status: Draft
Abstraction: Base
Structure: Simple
Description

This vulnerability occurs when software fails to properly check the integrity of data by validating its checksum or hash value. Without this verification, the application cannot reliably detect if information has been altered, corrupted, or tampered with during storage or transmission.

Extended Description

Skipping checksum validation is a preventable gap. Most protocols specify both the algorithm used to derive the integrity value and the exact bytes it covers; the developer's job is to recompute that value over the received bytes and compare it with the one carried in the message, before the message is parsed or acted upon. If that comparison is missing or wrong, the application treats whatever arrived as authentic: it may execute attacker-supplied instructions, load a corrupted file, or make decisions on falsified data. An oversight that is trivial to fix can therefore end in system compromise, data loss, or unstable behavior, which makes correct checksum verification a baseline requirement for secure data handling.

Common Consequences
Scope: Integrity, Other

Impact: Modify Application Data, Other

When the integrity value is keyed (a message authentication code), checking it also authenticates the origin of the data; skipping the check therefore allows data from an unauthorized source to be injected and accepted. An unkeyed checksum or hash detects accidental corruption but not deliberate tampering, because an attacker who can alter the data can recompute the value to match.

Scope: Integrity, Other

Impact: Other

Data that is parsed and used may be corrupted.

Scope: Non-Repudiation, Other

Impact: Hide Activities, Other

Without the checksum check, the receiver cannot tell whether the data was modified after it was sent, so tampering leaves no trace that the application could act on or log.

Potential Mitigations
Phase: Implementation
Ensure that the checksums present in messages are properly checked in accordance with the protocol specification before they are parsed and used.
Demonstrative Examples
The following example demonstrates the weakness.

Code Example (Bad, C):

Code Example (Bad, Java):
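The worked example below is added here and is not code from the CWE entry or from its CLASP reference. It implements the check the Extended Description and the mitigation call for, over a hypothetical message format assumed only for illustration (a length byte, the payload, and a trailing big-endian CRC-32): parse_message_bad skips past the CRC and hands the payload to the caller, while parse_message_good recomputes the CRC over the bytes it covers and refuses the message on mismatch. The CRC-32 routine, the frame layout, the function names and the "SET_LIMIT" command are all constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wire format assumed for this example (not a real protocol):
 *   byte 0         : payload length N (0..255)
 *   bytes 1..N     : payload
 *   bytes N+1..N+4 : CRC-32 over bytes 0..N, big-endian (IEEE polynomial, as in zlib) */
#define MAX_PAYLOAD 255
#define MAX_MSG     (1 + MAX_PAYLOAD + 4)

/* Bitwise CRC-32: reflected polynomial 0xEDB88320, init and final XOR 0xFFFFFFFF.
 * Produces the same value as zlib's crc32(0, data, len). */
uint32_t crc32_ieee(const uint8_t *data, size_t len)
{
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= data[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

static uint32_t read_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

static void write_be32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Sender side: frame the payload and append its CRC. Returns the total length, 0 if too long. */
size_t build_message(const uint8_t *payload, size_t n, uint8_t *out)
{
    if (n > MAX_PAYLOAD) return 0;
    out[0] = (uint8_t)n;
    memcpy(out + 1, payload, n);
    write_be32(out + 1 + n, crc32_ieee(out, 1 + n));
    return 1 + n + 4;
}

/* Framing checks shared by both parsers: 0 on success, -1 if the length field is inconsistent. */
static int check_framing(const uint8_t *msg, size_t len, size_t *n)
{
    if (len < 5) return -1;
    *n = msg[0];
    return (len == 1 + *n + 4) ? 0 : -1;
}

/* BAD (CWE-354): the trailing CRC is skipped over but never compared, so a corrupted
 * or tampered payload is copied out and used as if it were authentic. */
int parse_message_bad(const uint8_t *msg, size_t len, uint8_t *payload_out, size_t *n_out)
{
    size_t n;
    if (check_framing(msg, len, &n) != 0) return -1;
    memcpy(payload_out, msg + 1, n);
    *n_out = n;
    return 0;
}

/* GOOD: recompute the CRC over exactly the bytes the format says it covers and compare it
 * with the transmitted value BEFORE the payload is handed to the application. */
int parse_message_good(const uint8_t *msg, size_t len, uint8_t *payload_out, size_t *n_out)
{
    size_t n;
    if (check_framing(msg, len, &n) != 0) return -1;
    if (crc32_ieee(msg, 1 + n) != read_be32(msg + 1 + n)) return -2; /* integrity failure */
    memcpy(payload_out, msg + 1, n);
    *n_out = n;
    return 0;
}

/* Constructed scenario: a command is framed and accepted, then one payload byte is altered
 * in transit. Returns 1 when the good parser accepts the original, the bad parser still
 * accepts the altered command, and the good parser rejects it; 0 otherwise. */
int run_demo(void)
{
    const char *cmd = "SET_LIMIT=100";
    uint8_t msg[MAX_MSG], out[MAX_PAYLOAD];
    size_t n = 0, len = build_message((const uint8_t *)cmd, strlen(cmd), msg);

    int ok = parse_message_good(msg, len, out, &n);
    msg[11] = '9';                            /* "SET_LIMIT=100" -> "SET_LIMIT=900" */
    int bad  = parse_message_bad(msg, len, out, &n);
    int good = parse_message_good(msg, len, out, &n);
    return (ok == 0 && bad == 0 && good == -2) ? 1 : 0;
}

int main(void)
{
    printf("crc32(\"123456789\") = 0x%08X\n", (unsigned)crc32_ieee((const uint8_t *)"123456789", 9));
    printf("tampered message: bad parser accepts, good parser rejects: %s\n", run_demo() ? "yes" : "no");
    return 0;
}
```

Build with cc -std=c99 -Wall and run; the first line printed is the standard CRC-32 check value 0xCBF43926 for "123456789". Note what a CRC does and does not buy you: it catches accidental corruption and a careless edit, but an attacker who can rewrite the payload can just as easily recompute the CRC, so where the threat is deliberate tampering the protocol needs a keyed MAC (for example HMAC) or a signature in place of the checksum, with a key the attacker does not hold, and the comparison should then use a constant-time routine rather than a plain `!=`. The shape of the check is the same either way: verify first, and parse or use the data only after verification succeeds.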
References

[REF-18] Secure Software, Inc. "The CLASP Application Security Process". 2005.
Likelihood of Exploit

Medium

Applicable Platforms
Languages: Not Language-Specific (Prevalence: Undetermined)
Modes of Introduction
Architecture and Design
Implementation
Taxonomy Mapping
  • ISA/IEC 62443
  • CLASP