What type of attacker must have physical or logical access to the device?

A local attacker is defined as an individual who requires either physical or logical access to a device in order to carry out their malicious activities. This can include having direct access to a computer, server, or network device, which enables them to exploit vulnerabilities or configurations directly from within the network.

Local attackers can manipulate systems in a variety of ways, such as installing malware, accessing sensitive data, or exploiting weak security practices. Their proximity to the target system allows them to bypass many defenses that are typically designed to thwart remote attacks, such as firewalls and intrusion detection systems.

In contrast, other types of attackers, such as remote attackers, do not need direct access to the target device and can exploit vulnerabilities from a distance. Adjacent network attackers typically have limited access on the same local network but still do not require direct access to the device itself. External attackers operate from outside the network perimeter and generally rely on exploiting vulnerabilities without any physical or logical access to the target devices. Therefore, the correct classification of an attacker who requires access to the device is indeed a local attacker.