It's dumb that we don't have open source hardware. Not that it would entirely prevent this sort of thing. All mobile devices are so complicated that they should never be trusted.
It makes no sense to me that the modem should have ring 0 on the main CPU of the device.
https://en.m.wikipedia.org/wiki/Protection_ring