Common Weakness Enumeration

CWE-203

Allowed

Observable Discrepancy

Abstraction: Base · Status: Incomplete

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

836 vulnerabilities reference this CWE, most recent first.

GHSA-69M8-JCWV-4855

Vulnerability from github – Published: 2023-10-30 18:30 – Updated: 2023-11-06 18:30
VLAI
Details

In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21300"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-30T17:15:47Z",
    "severity": "MODERATE"
  },
  "details": "In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-69m8-jcwv-4855",
  "modified": "2023-11-06T18:30:17Z",
  "published": "2023-10-30T18:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21300"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/docs/security/bulletin/android-14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6C9J-X93C-RW6J

Vulnerability from github – Published: 2026-02-19 22:06 – Updated: 2026-03-12 17:30
VLAI
Summary
OpenClaw safeBins file-existence oracle information disclosure
Details

An information disclosure vulnerability in OpenClaw's tools.exec.safeBins approval flow allowed a file-existence oracle.

When safe-bin validation examined candidate file paths, command allow/deny behavior could differ based on whether a path already existed on the host filesystem. An attacker could probe for file presence by comparing outcomes for existing vs non-existing filenames.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Affected versions: <= 2026.2.17
  • Latest published vulnerable version at triage time: 2026.2.17
  • Planned patched version: 2026.2.18

Impact

Attackers with access to this execution surface could infer whether specific files exist (for example secrets/config files), enabling filesystem enumeration and improving follow-on attack planning.

Fix

The safe-bin policy was changed to deterministic argv-only validation without host file-existence checks. File-oriented flags are blocked for safe-bin mode (for example sort -o, jq -f, grep -f), and trusted-path checks remain enforced.

Fix Commit(s)

  • bafdbb6f112409a65decd3d4e7350fbd637c7754

Found using MCPwner

Thanks @nedlir for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.2.17"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.19"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-4040"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-19T22:06:26Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "An information disclosure vulnerability in OpenClaw\u0027s `tools.exec.safeBins` approval flow allowed a file-existence oracle.\n\nWhen safe-bin validation examined candidate file paths, command allow/deny behavior could differ based on whether a path already existed on the host filesystem. An attacker could probe for file presence by comparing outcomes for existing vs non-existing filenames.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Affected versions: `\u003c= 2026.2.17`\n- Latest published vulnerable version at triage time: `2026.2.17`\n- Planned patched version: `2026.2.18`\n\n## Impact\nAttackers with access to this execution surface could infer whether specific files exist (for example secrets/config files), enabling filesystem enumeration and improving follow-on attack planning.\n\n## Fix\nThe safe-bin policy was changed to deterministic argv-only validation without host file-existence checks. File-oriented flags are blocked for safe-bin mode (for example `sort -o`, `jq -f`, `grep -f`), and trusted-path checks remain enforced.\n\n## Fix Commit(s)\n- `bafdbb6f112409a65decd3d4e7350fbd637c7754`\n\nFound using [MCPwner](https://github.com/Pigyon/MCPwner)\n\nThanks @nedlir for reporting.",
  "id": "GHSA-6c9j-x93c-rw6j",
  "modified": "2026-03-12T17:30:25Z",
  "published": "2026-02-19T22:06:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-6c9j-x93c-rw6j"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4040"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/bafdbb6f112409a65decd3d4e7350fbd637c7754"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OpenClaw safeBins file-existence oracle information disclosure"
}

GHSA-6FJ5-M574-P4W9

Vulnerability from github – Published: 2024-06-11 15:31 – Updated: 2024-08-23 18:32
VLAI
Details

A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5697"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-11T13:15:51Z",
    "severity": "MODERATE"
  },
  "details": "A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox \u003c 127.",
  "id": "GHSA-6fj5-m574-p4w9",
  "modified": "2024-08-23T18:32:57Z",
  "published": "2024-06-11T15:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5697"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1414937"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2024-25"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6GCW-XCPF-VR88

Vulnerability from github – Published: 2024-09-19 18:30 – Updated: 2024-09-23 18:30
VLAI
Details

A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others.

Apply patch from vendor https://netcat.ru/ https://netcat.ru/] . Versions 6.4.0.24248 and on have the patch.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-8651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-204"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-19T17:15:15Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks.\nThis issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others.\n\nApply patch from vendor  https://netcat.ru/ https://netcat.ru/] . Versions 6.4.0.24248 and on have the patch.",
  "id": "GHSA-6gcw-xcpf-vr88",
  "modified": "2024-09-23T18:30:34Z",
  "published": "2024-09-19T18:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8651"
    },
    {
      "type": "WEB",
      "url": "https://github.com/klsecservices/Advisories/blob/master/K-NetCat-2024-001.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6GF6-3J9V-J983

Vulnerability from github – Published: 2025-07-03 12:34 – Updated: 2025-07-03 12:34
VLAI
Details

For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-204"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-03T12:15:22Z",
    "severity": "MODERATE"
  },
  "details": "For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.",
  "id": "GHSA-6gf6-3j9v-j983",
  "modified": "2025-07-03T12:34:58Z",
  "published": "2025-07-03T12:34:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27451"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/psirt"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
    },
    {
      "type": "WEB",
      "url": "https://www.endress.com"
    },
    {
      "type": "WEB",
      "url": "https://www.first.org/cvss/calculator/3.1"
    },
    {
      "type": "WEB",
      "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.json"
    },
    {
      "type": "WEB",
      "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6HRX-7MGG-5CVP

Vulnerability from github – Published: 2025-05-22 15:34 – Updated: 2025-05-22 15:34
VLAI
Details

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3939"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-204"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-22T13:15:56Z",
    "severity": "MODERATE"
  },
  "details": "Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11.Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11.",
  "id": "GHSA-6hrx-7mgg-5cvp",
  "modified": "2025-05-22T15:34:49Z",
  "published": "2025-05-22T15:34:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3939"
    },
    {
      "type": "WEB",
      "url": "https://docs.niagara-community.com/category/tech_bull"
    },
    {
      "type": "WEB",
      "url": "https://honeywell.com/us/en/product-security#security-notices"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6M9H-2PR2-9J8F

Vulnerability from github – Published: 2024-04-18 16:44 – Updated: 2025-02-11 19:02
VLAI
Summary
1Panel's password verification is suspected to have a timing attack vulnerability
Details

Summary

源码中密码校验处使用 != 符号,而不是hmac.Equal,这可能导致产生计时攻击漏洞,从而爆破密码。
建议使用 hmac.Equal 比对密码。

Translation:

The source code uses the != symbol instead of hmac.Equal for password verification, which may lead to timing attack vulnerabilities that can lead to password cracking. It is recommended to use hmac. Equal to compare passwords.

Details

https://github.com/1Panel-dev/1Panel/blob/dev/backend/app/service/auth.go#L81C5-L81C26

Impact

该产品的所有使用者。

Translation:

All users of this product.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/1Panel-dev/1Panel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-30257"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-18T16:44:16Z",
    "nvd_published_at": "2024-04-18T15:15:30Z",
    "severity": "LOW"
  },
  "details": "### Summary\n\u6e90\u7801\u4e2d\u5bc6\u7801\u6821\u9a8c\u5904\u4f7f\u7528 != \u7b26\u53f7\uff0c\u800c\u4e0d\u662f`hmac.Equal`\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u4ea7\u751f\u8ba1\u65f6\u653b\u51fb\u6f0f\u6d1e\uff0c\u4ece\u800c\u7206\u7834\u5bc6\u7801\u3002  \n\u5efa\u8bae\u4f7f\u7528 `hmac.Equal` \u6bd4\u5bf9\u5bc6\u7801\u3002\n\nTranslation:\n\nThe source code uses the != symbol instead of hmac.Equal for password verification, which may lead to timing attack vulnerabilities that can lead to password cracking. It is recommended to use hmac. Equal to compare passwords.\n\n### Details\nhttps://github.com/1Panel-dev/1Panel/blob/dev/backend/app/service/auth.go#L81C5-L81C26\n\n### Impact\n\u8be5\u4ea7\u54c1\u7684\u6240\u6709\u4f7f\u7528\u8005\u3002\n\nTranslation:\n\nAll users of this product.",
  "id": "GHSA-6m9h-2pr2-9j8f",
  "modified": "2025-02-11T19:02:38Z",
  "published": "2024-04-18T16:44:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-6m9h-2pr2-9j8f"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30257"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/1Panel-dev/1Panel"
    },
    {
      "type": "WEB",
      "url": "https://github.com/1Panel-dev/1Panel/blob/dev/backend/app/service/auth.go#L81C5-L81C26"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "1Panel\u0027s password verification is suspected to have a timing attack vulnerability"
}

GHSA-6P2P-WF8C-WQ75

Vulnerability from github – Published: 2026-04-02 18:31 – Updated: 2026-04-02 21:32
VLAI
Details

User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-26895"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-02T17:16:21Z",
    "severity": "MODERATE"
  },
  "details": "User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform.",
  "id": "GHSA-6p2p-wf8c-wq75",
  "modified": "2026-04-02T21:32:52Z",
  "published": "2026-04-02T18:31:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26895"
    },
    {
      "type": "WEB",
      "url": "https://csacyber.com/blog/osticket-timing-vulnerability-understanding-the-risk"
    },
    {
      "type": "WEB",
      "url": "http://osticket.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6QCG-XMGW-43WC

Vulnerability from github – Published: 2022-03-31 00:00 – Updated: 2022-04-06 00:01
VLAI
Details

In People, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-206465854

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39775"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-30T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In People, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-206465854",
  "id": "GHSA-6qcg-xmgw-43wc",
  "modified": "2022-04-06T00:01:50Z",
  "published": "2022-03-31T00:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39775"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/android-12l"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6QHQ-G72J-7WVF

Vulnerability from github – Published: 2025-11-22 00:31 – Updated: 2025-12-04 18:30
VLAI
Details

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-11932"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-21T23:15:44Z",
    "severity": "LOW"
  },
  "details": "The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder",
  "id": "GHSA-6qhq-g72j-7wvf",
  "modified": "2025-12-04T18:30:39Z",
  "published": "2025-11-22T00:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11932"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wolfSSL/wolfssl/pull/9223"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-46
Architecture and Design

Strategy: Separation of Privilege

  • Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
  • Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
CAPEC-189: Black Box Reverse Engineering

An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds.