Collectively dubbed "Thunderclap," the vulnerabilities take advantage of how Thunderbolt works, specifically the privileged, low-level direct memory access (DMA) it affords. Because of the way Thunderbolt is constructed, its peripherals have more privileges than regular USB devices.
"If no defenses are used on the host, an attacker has unrestricted memory access, and can completely take control of a target computer: they can steal passwords, banking logins, encryption keys, browser sessions and private files, and they can also inject malicious software that can run anywhere in the system," the researchers explain.
That said, there remain "significant further vulnerabilities" that the IOMMU does not protect against. As a proof of concept, the researchers built a fake network card that is capable of interacting with the OS in the same way as a real one.
"We found the attack surface available to a network card was much richer and more nuanced than was previously thought... On macOS and FreeBSD, our network card was able to start arbitrary programs as the system administrator, and on Linux it had access to sensitive kernel data structures. Additionally, macOS devices are not protected from one another, so a network card is allowed to read the display contents and keystrokes from a USB keyboard," the researchers said.
Whether you use Thunderbolt devices or not, be careful of what you're plugging into your system.