---
type: "term"
title: "Man in the Middle (#5)"
description: "A threat cluster where an attacker intercepts, eavesdrops on, modifies, or relays communication between two parties without their knowledge or consent, by exploiting a privileged position on the communication path."
resource: "tlctc:term:man-in-the-middle-5"
tags:
  - "glossary"
---
# Man in the Middle (#5)

A threat cluster where an attacker intercepts, eavesdrops on, modifies, or relays communication between two parties without their knowledge or consent, by exploiting a privileged position on the communication path. The generic vulnerability is the lack of sufficient control, integrity protection, or confidentiality over the communication channel/path, including the implicit trust placed in local networks and intermediate network infrastructure in standard IP networking. Position might be gained locally (shared Wi-Fi) or by leveraging control over existing network intermediaries.

**Related reading:** [tlctc-mitm-encryption-scion.html](https://www.tlctc.net/tlctc-mitm-encryption-scion.html)