Commit 83ee6098 authored by Valerie Aurora
Generalize NKEV at first use to NKEV at any time

parent 539e675f
+8 −10
@@ -1780,11 +1780,9 @@ Mitigations for Impact:

* High to Low: DJST, LOGG

> TODO: Add known exploitable vulnerabilities threat here
#### C.4.3.2 TH-KEVU: Known exploitable vulnerabilities

#### C.4.3.2 TH-KEVU: Known exploitable vulnerabilities at first use

Attacker may use known exploitable vulnerabilities in the product implementation to get unauthorized access to product assets when the product is first used.
Attacker may use known exploitable vulnerabilities in the product implementation to get unauthorized access to product assets.

| Risk factors                                  | Likelihood | Security profiles            |
|-----------------------------------------------|------------|------------------------------|
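
Review bot: The rewritten threat statement under the C.4.3.2 heading drops "when the product is first used", which widens TH-KEVU from first use to the product's whole lifetime, but the risk factor table that follows is unchanged context. Confirm that the likelihood ratings still hold for the wider scope, or state in the text that they were reviewed. With the qualifier gone, one sentence on what separates this threat from TH-UEVU, which the section refers to further down, would help readers.
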
@@ -1798,15 +1796,15 @@ Attacker may use known exploitable vulnerabilities in the product implementation
| max(SYS, SDS, SDT, FUN, DOS) = 1 | Medium | WD-1, WD-3, WL-1, VI-1             |
| max(SYS, SDS, SDT, FUN, DOS) = 2 | High   | WD-2, WD-4, WL-2, WL-3, WL-4, VI-2 |

Requirements that mitigate this threat: NKEV
Requirements that mitigate this threat: NKEV, SSDD, LMII, SCUD, DMIN, LMAS, LOGG, VULH

All mitigations from TH-UEVU apply, in addition to:

Mitigations for Likelihood:

* Medium to Low: (KEVD or KEVA or KEVT or SCAN), KEVM
* Medium to Low: (KEVD or KEVA or KEVT or SCAN), KEVM, (SUVP or SUAP or SUOE or SUAO), VULH

* High to Low: KEVD, KEVA, (KEVT or SCAN), KEVM
* High to Low: KEVD, KEVA, (KEVT or SCAN), KEVM, (SUAP or SUAO), VULH

#### C.4.3.3 TH-PHYS: Access to data via acquisition of used product

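Review bot: The new "Requirements that mitigate this threat" line adds SSDD, LMII, SCUD, DMIN, LMAS and LOGG, yet neither likelihood bullet in this hunk uses any of them; only VULH and the SU* alternatives were added there. If those six come in through "All mitigations from TH-UEVU apply" or through an impact list outside this hunk, say so next to the list; otherwise a reader cannot tell which rating they lower. A sentence of rationale would also help for the asymmetry between the bullets: Medium to Low accepts (SUVP or SUAP or SUOE or SUAO) while High to Low accepts only (SUAP or SUAO).
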
@@ -1976,11 +1974,11 @@ Requirements that mitigate this threat: NKEV, LMII, LMAS, LOGG, VULH

All mitigations from TH-KEVU apply, plus:

Mitigations for Likelihood:
Mitigations for Impact:

* Medium to Low: VULH
* Medium to Low: TODO - if there aren't any differet from KEVU, merge

* High to Low: VULH
* High to Low: TODO - if there aren't any differet from KEVU, merge

#### C.4.3.9 TH-MQSE: Masquerading authorized server
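
Review bot: The last hunk renames "Mitigations for Likelihood:" to "Mitigations for Impact:" and replaces both VULH bullets with "TODO - if there aren't any differet from KEVU, merge", so this threat ends up with no likelihood list and no concrete mitigation of its own. Resolve the merge question in this commit, or mark the placeholder with the "> TODO:" blockquote form used earlier in the document so it is easy to find, and fix the spelling "differet" to "different" in both bullets. The requirements line shown in the hunk header still lists VULH, which after this change is only reachable through "All mitigations from TH-KEVU apply"; check that line against the new TH-KEVU list.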