Yes. Also depending on the implementation (ie if it's not an outdated Intel machine) it is presumably also vulnerable to snooping the memory bus while it's running. Note that this active attack applies regardless of encryption and impacts even enterprise SKUs. https://tee.fail/