Quote:Modern computers that come with a Thunderbolt interface and run Windows, macOS, Linux, or FreeBSD are vulnerable to a range of Direct Memory Access (DMA) attacks performed by potential attackers with physical access to the device using malicious peripherals.
The security flaws collectively dubbed "Thunderclap" can be exploited to run arbitrary code using highest possible privilege level on the system to potentially access or steal "passwords, banking logins, encryption keys, private files, browsing," and other sensitive data present on machine that come with ports for peripherals that use PCI Express (PCIe) and USB-C ports.
The Thunderclap vulnerabilities provide potential attackers with direct and unlimited access to a machine's memory because these ports come with low-level and very privileged direct memory access (DMA), which supplies any malicious peripherals with much more privileges than regular USB devices.
![[Image: Victims.png]](https://www.bleepstatic.com/images/news/u//1109292/Feb%202019/Victims.png)
SOURCE: https://www.bleepingcomputer.com/news/se...ripherals/
![[-]](https://www.geeks.fyi/images/collapse.png)
