Years ago when I was working at a major UTM vendor, we were studying something we called 'WLAN Malware' or 'Wireless Malware'. That is, malware that itself is a frequency, injected into the wireless beamform itself to infect a device. At the time, nobody in the general public or even IT circles really believed such a beast could exist. But it can. Later, the same lab was exploring data integrity violations of 60 Hz circuits (electricity). As implausible as it sounds, not only can data be egressed from a location over the 60 Hz line, but data can ingress over it. We examined Ultrasonic Frequencies in use for malware, intrusion, and data extraction techniques and isolated specific ranges of them in use. Many years, even a decade before anything was known about this. We've seen long ethernet runs be used for extraction and infiltration, and in some cases simply destroying equipment with EMI and ATX overloading.
The good news is, there are countermeasures for almost all of this.
You are vulnerable, especially on runs over 10 feet, and seriously vulnerable on runs over 30 feet or more. Fortunately you can use SFTP and ATX shielded cable and use a gas discharge coupler on the ethernet to avoid problems. If you plug anything in to the wall it's vulnerable. Fortunately you can apply Material 31 ferrite to each device cable, Shunt Capacitors on the circuit, and if necessary use an Isolation Transformer before your UPS.
Even then, that is aside from known vulnerabilities, programmed vulnerabilities, exploits, malware and compromised update channels. In effect, it's virtually impossible to guarantee the security of anything anymore.
I suppose you could find an old computer, old NIC, running a highly antiquated OS version and as a general rule have something quite secure and something you can assuredly trust. But who is going to do that? Nobody really. So the net result is - everything is already compromised and most people should work from the assumption that if it is plugged into electricity and/or plugged into ethernet, it's compromised.