How does Windows use the TPM for BitLocker encryption without an attacker being able to do the same?


From this FAQ, I understand that BitLocker uses the following keys to encrypt the hard drive:

  • Full volume encryption key (used to encrypt raw data; encrypted by the volume master key and stored on-disk)
  • Volume master key (encrypted by a key protector and stored on-disk)
  • Key protector (TPM or numerical password)

The following output from manage-bde (with hidden data) shows that the system uses both TPM and numerical password (recovery password) as key protectors:

    C:\WINDOWS\system32>manage-bde -protectors -get C:
    BitLocker Drive Encryption: Configuration Tool version 10.0.16299
    Copyright (C) 2013 Microsoft Corporation. All rights reserved.

    Volume C: [Windows]
    All Key Protectors

    Numerical Password:
      ID: {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
      Password:
        XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX

    TPM:
      ID: {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
      PCR Validation Profile:
        0, 2, 4, 11

In this case, what key protector is used to encrypt the volume master key?

Also, what prevents an attacker from either using the TPM as Windows would do it, or reading the recovery password from disk (the latter protector must exist in cleartext)?

Shuzheng

Posted 2019-07-05T06:49:13.973

Reputation: 369

No answers
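The following is an added illustration, not part of the question and not Windows' or any TPM vendor's code: a toy model of how a secret sealed to a PCR validation profile (here the 0, 2, 4, 11 shown in the manage-bde output) is only released when the current PCR values match the ones recorded at seal time. The boot measurements, the `SimTpm` class and its key derivation are constructed assumptions that stand in for the real PCR extend and TPM2 policy mechanisms.

```python
import hashlib
import hmac
import os

PCR_PROFILE = (0, 2, 4, 11)  # PCR validation profile from the manage-bde output

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend: PCR = H(PCR || H(measurement)). Append-only until reboot."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measure_boot(events: dict) -> dict:
    """Replay a boot log into 24 zeroed PCRs (constructed measurements, not real digests)."""
    pcrs = {i: bytes(32) for i in range(24)}
    for idx, m in events.items():
        pcrs[idx] = pcr_extend(pcrs[idx], m)
    return pcrs

def policy_digest(pcrs: dict, selection) -> bytes:
    """Bind the selected PCR values into one digest (a simplified PolicyPCR)."""
    return hashlib.sha256(b"".join(bytes([i]) + pcrs[i] for i in selection)).digest()

class SimTpm:
    """Toy TPM: the root key never leaves the object; only the sealed blob goes to disk."""
    def __init__(self):
        self._srk = os.urandom(32)  # hypothetical storage root key, chip-resident

    def seal(self, secret: bytes, pcrs: dict, selection) -> tuple:
        key = hmac.new(self._srk, policy_digest(pcrs, selection), "sha256").digest()
        ct = bytes(a ^ b for a, b in zip(secret, hashlib.sha256(key).digest()))  # 32-byte VMK
        return (tuple(selection), ct, hmac.new(key, ct, "sha256").digest())

    def unseal(self, blob: tuple, pcrs: dict) -> bytes:
        selection, ct, tag = blob
        key = hmac.new(self._srk, policy_digest(pcrs, selection), "sha256").digest()
        if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
            raise PermissionError("current PCR state does not match the sealing policy")
        return bytes(a ^ b for a, b in zip(ct, hashlib.sha256(key).digest()))

def can_unseal(tpm: SimTpm, blob: tuple, pcrs: dict) -> bool:
    try:
        tpm.unseal(blob, pcrs)
        return True
    except PermissionError:
        return False

GOOD_BOOT = {0: b"firmware-v1", 2: b"option-rom-v1", 4: b"bootmgr-v1"}  # constructed; PCR 11 stays 0

def demo() -> dict:
    tpm, vmk = SimTpm(), os.urandom(32)
    blob = tpm.seal(vmk, measure_boot(GOOD_BOOT), PCR_PROFILE)  # the on-disk TPM protector
    pcrs = measure_boot(GOOD_BOOT)
    ok = tpm.unseal(blob, pcrs) == vmk                       # same boot chain: VMK released
    pcrs[11] = pcr_extend(pcrs[11], b"VMK-released")          # loader caps PCR 11 afterwards
    modified = measure_boot({**GOOD_BOOT, 4: b"other-bootmgr"})
    return {"good_boot": ok, "after_cap": can_unseal(tpm, blob, pcrs),
            "modified_boot": can_unseal(tpm, blob, modified)}
```

`demo()` returns `good_boot` True and both `after_cap` and `modified_boot` False: once PCR 11 has been extended, or if any measured component differs, the same blob no longer unseals on that TPM.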