In the case that was mentioned above, hardware frequently has drivers which can run as part of the kernel and can read the memory of other processes, among other things. A user of some hardware would be very likely to install a driver for it, without realizing that a malicious driver can basically do whatever it wants on their system.

In practice, if the software one wants to use is not trustable, then it shouldn't be run, at least on current mainstream desktop operating systems.