Thanks for the link, this article is more clear compared to the posted above.

I’m more interested to the scope of the exploit whether it could touch the flash of the controller or not as you can also do OTA update through the BLE component.