Common Weakness Enumeration

CWE-288

Allowed

Authentication Bypass Using an Alternate Path or Channel

Abstraction: Base · Status: Incomplete

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

1072 vulnerabilities reference this CWE, most recent first.

GHSA-F35M-48C3-V5MQ

Vulnerability from github – Published: 2022-06-03 00:00 – Updated: 2022-06-10 00:00
VLAI
Details

SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as stealing server management rights using a web shell.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-26634"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-288",
      "CWE-434"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-02T14:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as stealing server management rights using a web shell.",
  "id": "GHSA-f35m-48c3-v5mq",
  "modified": "2022-06-10T00:00:55Z",
  "published": "2022-06-03T00:00:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26634"
    },
    {
      "type": "WEB",
      "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66746"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F37X-5J3M-J64V

Vulnerability from github – Published: 2026-01-08 12:30 – Updated: 2026-01-20 15:33
VLAI
Details

Authentication Bypass Using an Alternate Path or Channel vulnerability in Arraytics Timetics timetics allows Authentication Abuse.This issue affects Timetics: from n/a through <= 1.0.46.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-67915"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-08T10:15:50Z",
    "severity": "CRITICAL"
  },
  "details": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Arraytics Timetics timetics allows Authentication Abuse.This issue affects Timetics: from n/a through \u003c= 1.0.46.",
  "id": "GHSA-f37x-5j3m-j64v",
  "modified": "2026-01-20T15:33:08Z",
  "published": "2026-01-08T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67915"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/timetics/vulnerability/wordpress-timetics-plugin-1-0-46-broken-authentication-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://vdp.patchstack.com/database/Wordpress/Plugin/timetics/vulnerability/wordpress-timetics-plugin-1-0-46-broken-authentication-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F39P-P4F3-MVP5

Vulnerability from github – Published: 2026-03-25 18:31 – Updated: 2026-03-26 15:30
VLAI
Details

Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core jobica-core allows Authentication Abuse.This issue affects Jobica Core: from n/a through <= 1.4.2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-27049"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T17:16:54Z",
    "severity": "CRITICAL"
  },
  "details": "Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobica Core jobica-core allows Authentication Abuse.This issue affects Jobica Core: from n/a through \u003c= 1.4.2.",
  "id": "GHSA-f39p-p4f3-mvp5",
  "modified": "2026-03-26T15:30:33Z",
  "published": "2026-03-25T18:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27049"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/jobica-core/vulnerability/wordpress-jobica-core-plugin-1-4-2-account-takeover-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F3F8-VX3W-HP5Q

Vulnerability from github – Published: 2024-11-06 15:57 – Updated: 2025-11-15 03:17
VLAI
Summary
codechecker vulnerable to authentication bypass when using specifically crafted URLs
Details

Summary

Authentication bypass occurs when the API URL ends with Authentication, Configuration or ServerInfo. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others.

Details

All endpoints, apart from the /Authentication is affected by the vulnerability.

The vulnerability allows unauthenticated users to access all API functionality. You can look for the following pattern in the logs to check if the vulnerabilty was exploited: image

Note that the url starts with v and contains a valid CodeChecker endpoint, but it ends in Authentication, Configuration or ServerInfo and it was made by an Anonymous user.

Impact

This authentication bypass allows querying, adding, changing, and deleting Products contained on the CodeChecker server, without authentication, by an anonymous user.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "codechecker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.24.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-10081"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-06T15:57:08Z",
    "nvd_published_at": "2024-11-06T15:15:11Z",
    "severity": "CRITICAL"
  },
  "details": "### Summary\nAuthentication bypass occurs when the API URL ends with Authentication, Configuration or ServerInfo. This bypass allows superuser access to all API endpoints other than Authentication. These endpoints include the ability to add, edit, and remove products, among others.\n\n### Details\nAll endpoints, apart from the /Authentication is affected by the vulnerability.\n\nThe vulnerability allows unauthenticated users to access all API functionality.\nYou can look for the following pattern in the logs to check if the vulnerabilty was exploited:\n![image](https://github.com/user-attachments/assets/6ba02231-a3d8-4832-aee6-f96462b7441e)\n\nNote that the url starts with v and contains a valid CodeChecker endpoint, but it ends in `Authentication`, `Configuration` or `ServerInfo` and it was made by an `Anonymous` user.\n\n### Impact\nThis authentication bypass allows querying, adding, changing, and deleting Products contained on the CodeChecker server, without authentication, by an anonymous user.",
  "id": "GHSA-f3f8-vx3w-hp5q",
  "modified": "2025-11-15T03:17:05Z",
  "published": "2024-11-06T15:57:08Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-f3f8-vx3w-hp5q"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10081"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Ericsson/codechecker/commit/ad41702e3108e4b92ae5d0143a5b961cc34195eb"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Ericsson/codechecker"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/codechecker/PYSEC-2024-238.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "codechecker vulnerable to authentication bypass when using specifically crafted URLs"
}

GHSA-F5VM-4J2M-PHC2

Vulnerability from github – Published: 2026-04-22 21:31 – Updated: 2026-04-22 21:31
VLAI
Details

The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the express_pay_product_page_pay_for_order() function logging users in based solely on a user-supplied billing email address during guest checkout for subscription products, without verifying email ownership, requiring a password, or validating a one-time token. This makes it possible for unauthenticated attackers to log in as any existing user, including administrators, by providing the target user's email address in the billing_details parameter, resulting in complete account takeover and site compromise.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-3461"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-15T09:16:31Z",
    "severity": "CRITICAL"
  },
  "details": "The Visa Acceptance Solutions plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.1.0. This is due to the `express_pay_product_page_pay_for_order()` function logging users in based solely on a user-supplied billing email address during guest checkout for subscription products, without verifying email ownership, requiring a password, or validating a one-time token. This makes it possible for unauthenticated attackers to log in as any existing user, including administrators, by providing the target user\u0027s email address in the billing_details parameter, resulting in complete account takeover and site compromise.",
  "id": "GHSA-f5vm-4j2m-phc2",
  "modified": "2026-04-22T21:31:44Z",
  "published": "2026-04-22T21:31:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3461"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/visa-acceptance-solutions/tags/2.1.0/public/class-visa-acceptance-payment-gateway-expresspay-public.php#L777"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/visa-acceptance-solutions/tags/2.1.0/public/class-visa-acceptance-payment-gateway-expresspay-public.php#L790"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/visa-acceptance-solutions/trunk/public/class-visa-acceptance-payment-gateway-expresspay-public.php#L777"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/visa-acceptance-solutions/trunk/public/class-visa-acceptance-payment-gateway-expresspay-public.php#L790"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8d3aea10-d7a0-44bd-94dc-3bad0d27dbd8?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F6JX-F7J2-JG72

Vulnerability from github – Published: 2025-11-20 21:30 – Updated: 2025-11-20 21:30
VLAI
Details

Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability Edgenius.This issue affects ABB Ability Edgenius: 3.2.0.0, 3.2.1.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10571"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-20T19:16:11Z",
    "severity": "CRITICAL"
  },
  "details": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability Edgenius.This issue affects ABB Ability Edgenius: 3.2.0.0, 3.2.1.1.",
  "id": "GHSA-f6jx-f7j2-jg72",
  "modified": "2025-11-20T21:30:32Z",
  "published": "2025-11-20T21:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10571"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA022088\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-F75H-CWP9-8H5X

Vulnerability from github – Published: 2024-11-15 06:30 – Updated: 2026-01-23 18:31
VLAI
Details

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-10924"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288",
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-15T04:15:03Z",
    "severity": "CRITICAL"
  },
  "details": "The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the \u0027check_login_and_get_user\u0027 function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the \"Two-Factor Authentication\" setting is enabled (disabled by default).",
  "id": "GHSA-f75h-cwp9-8h5x",
  "modified": "2026-01-23T18:31:22Z",
  "published": "2024-11-15T06:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10924"
    },
    {
      "type": "WEB",
      "url": "https://github.com/JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-10924"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/really-simple-ssl/tags/9.1.1.1/security/wordpress/two-fa/class-rsssl-two-factor-on-board-api.php#L277"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/really-simple-ssl/tags/9.1.1.1/security/wordpress/two-fa/class-rsssl-two-factor-on-board-api.php#L278"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/really-simple-ssl/tags/9.1.1.1/security/wordpress/two-fa/class-rsssl-two-factor-on-board-api.php#L67"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/3188431/really-simple-ssl"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/blog/2024/11/really-simple-security-vulnerability"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d5d05ad-1a7a-43d2-bbbf-597e975446be?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F7FQ-7WFP-VC3J

Vulnerability from github – Published: 2025-04-01 06:30 – Updated: 2026-04-01 18:34
VLAI
Details

Authentication Bypass Using an Alternate Path or Channel vulnerability in ho3einie Material Dashboard allows Authentication Bypass. This issue affects Material Dashboard: from n/a through 1.4.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-31095"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-01T06:15:56Z",
    "severity": "CRITICAL"
  },
  "details": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ho3einie Material Dashboard allows Authentication Bypass. This issue affects Material Dashboard: from n/a through 1.4.5.",
  "id": "GHSA-f7fq-7wfp-vc3j",
  "modified": "2026-04-01T18:34:19Z",
  "published": "2025-04-01T06:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31095"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/material-dashboard/vulnerability/wordpress-material-dashboard-1-4-5-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F888-8H5M-7XJW

Vulnerability from github – Published: 2025-02-11 09:30 – Updated: 2025-02-11 09:30
VLAI
Details

The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.7. This is due to the plugin not properly validating a user's identity prior to setting the current user and their authentication cookie. This makes it possible for unauthenticated attackers to gain access to a target user's (e.g. administrators) account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0181"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-11T07:15:29Z",
    "severity": "CRITICAL"
  },
  "details": "The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.7. This is due to the plugin not properly validating a user\u0027s identity prior to setting the current user and their authentication cookie. This makes it possible for unauthenticated attackers to gain access to a target user\u0027s (e.g. administrators) account.",
  "id": "GHSA-f888-8h5m-7xjw",
  "modified": "2025-02-11T09:30:32Z",
  "published": "2025-02-11T09:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0181"
    },
    {
      "type": "WEB",
      "url": "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d722ec8d-bfca-4da1-8eb0-8d33735c5e44?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F95R-5FVR-2468

Vulnerability from github – Published: 2025-08-28 15:30 – Updated: 2026-04-01 18:36
VLAI
Details

Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows Authentication Abuse. This issue affects Golo: from n/a through 1.7.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-54725"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-288"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-28T13:16:08Z",
    "severity": "CRITICAL"
  },
  "details": "Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows Authentication Abuse. This issue affects Golo: from n/a through 1.7.0.",
  "id": "GHSA-f95r-5fvr-2468",
  "modified": "2026-04-01T18:36:01Z",
  "published": "2025-08-28T15:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54725"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/theme/golo/vulnerability/wordpress-golo-theme-1-7-0-broken-authentication-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Funnel all access through a single choke point to simplify how users can access a resource. For every access, perform a check to determine if the user has permissions to access the resource.

CAPEC-127: Directory Indexing

An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.

CAPEC-665: Exploitation of Thunderbolt Protection Flaws

An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.