The Thunderclap vulnerabilities are security flaws that affect the way modern computers interact with peripheral devices such as network cards, storage, and graphics cards.
These vulnerabilities allow an attacker with physical access to a Thunderbolt port to compromise a target machine in a matter of seconds, running arbitrary code at the highest privilege level and potentially gaining access to passwords, banking logins, encryption keys, private files, browsing and other data. Attacks exploiting these vulnerabilities can also be carried out by seemingly innocuous peripherals like chargers and projectors that correctly charge or project video but simultaneously compromise the host machine.
Thunderbolt 3 is often supported via USB Type-C ports on modern laptops. Machines with older versions of Thunderbolt (carried over a Mini DisplayPort connector) are also affected.
We advise you to always be carefull with peripheral devices you don't know. Especially chargers in open areas or people asking you to test devices on your system. For some systems the manufacturers have provided updates that limit the use of the vulnerabilities. So be sure to always keep your system up-to-date.
