Espressif has lest some debugging/flashing commands in their proprietary ROMs for ESP32 chips, when dealing with HCI devices. Basically, if you send certain USB commands, you can reprogram memory.

Could be useful for reverse engineering/taking over ESP32s with secure boot enabled and the flash ROM locked down or even encrypted. I don’t think it’s a particularly problematic exploit for general purpose devices, though.