it's my understanding that all the major vendors... design their products and firmware in ways where it is difficult to impossible to install 'bad' firmware. it can still be done (ie 'custom' firmware) but warnings and notifications are provided to the user.

028559d218

security

Dark Skippy Disclosure - A Powerful Method For Key Exfil Attacks

utxoclub

Generally, it should be very difficult to install modified firmware to a security device, usually via a signature check. There is trust extended to the hw vendor to not make a malicious firmware.