
"the vulnerabilities allows attackers to compromise the WLAN and Modem over-the-air. The other allows attackers to compromise the Android Kernel from the WLAN chip."

This seems big and unprecedented. Layperson in this area, so...am I wrong?



Yeah, you're wrong.

It's bad, but it's absolutely not unprecedented. The first time a similar issue was discovered was by Project Zero: https://googleprojectzero.blogspot.com/2017/04/over-air-expl...

It has some pretty damning facts, including that most mobile devices have some form of IOMMU in theory, but they don't use it.

Later there was the Broadpwn vulnerability, which was very similar. I believe there were more of them later.


Google can claim many firsts, but hopping from a baseband to an application processor most certainly isn't one of them. I'm sure you can find presentations from e.g. CCC much older than 2017.


I think I saw a presentation on this at the CCC in 2016, but it might have been another year.


It's unusual but certainly not novel. There have been similar attacks against e.g. server network cards >10 years ago, where (IIRC) a magic pattern used for factory testing could put the card into firmware download mode, and from there it had access to RAM, so game over.

It's only in relatively recent times that shared memory interfaces have fallen under the security spotlight, as new scenarios arise where a trusted driver may not be speaking to a trusted piece of hardware (e.g. virtualization), so there are plenty of attacks around that involve hopping across an interface assumed to have been free of trust boundaries (Firewire is another example kinda like this).



