Dutch researcher has shown how it would be possible to unlock a password-protected Windows computer in about five minutes by exploiting vulnerabilities in Intels Thunderbolt hardware controller. The attacks highlight shortcomings in how firmware for Thunderbolt is verified, weak device authentication schemes and backward compatibility issues with legacy protocols. Of the six vulnerabilities disclosed to Intel, three of them were new to the company, according to the Thunderspy research website. The attack adds to a growing list of attacks that exploit the ease with which external peripherals, such as graphics cards and PCI devices, can get direct access to memory.”]
Source: https://www.govinfosecurity.com/new-thunderbolt-flaws-disclosed-to-intel-a-14263