Polyglot file vulnerability
CIRCLean (up to version 1.2) analysis can be bypassed by using polygot files. An attacker could create a file with fake headers and add the malicious content later on. As the test was only performed using the file magic, the attacker could pass the file to the destination USB key.
CIRCLean version up to 1.2 are affected by this vulnerability.
CIRCLean version starting from 1.3 includes a fix and an improved mechanism for detecting polygot files.