High.
FireWire and lightning have DMA capabilities. I’m not sure how exploitable it is but you could read disk buffers which are not encrypted directly from RAM. When you suspend a Mac I.e. shut the lid it goes into light sleep not hibernate so if you open the lid then all disk buffers that have been read are vulnerable.
Also I don’t think macs use a HSM so the state of the machine is likely in that RAM somewhere, possibly enough info to get that FileVault key.
And then there’s the ME processor which can be activated and has better than ring 0 access.
You can’t win either way unless you control the entire hardware end to end which Apple do with iOS.
The whole situation sucks.