@wolf480pl @sjb It doesn't strictly require already having root on the device - if the bluetooth implementation generates bluetooth commands in some way, that would allow for easy remote exploitation (if an attacker can get the bluetooth library to generate the backdoor opcodes, the attacker can trivially write to memory or flash and get persistent exploitation).