---
type: "term"
title: "Attack Vector"
description: "The specific path or method used by an attacker to gain unauthorized access to a target system."
resource: "tlctc:term:attack-vector"
tags:
  - "glossary"
---
# Attack Vector

The specific path or method used by an attacker to gain unauthorized access to a target system. In the TLCTC framework, each distinct attack vector is a distinct initiating method defined by the **initial generic vulnerability targeted** (per Axiom VII). The vector label MUST be based on cause, not outcome.

**Reference:** §4.2.2 (Global Definitions), Axiom VII (§2)

**Related reading:** [Evolving VERIS — replace Action axis with TLCTC](https://www.tlctc.net/tlctc-veris.html)