There is usually little or no security boundary between the AP and complex peripherals (like the baseband, cameras, GPU, audio subsystem, etc.) Usually these will have direct access to main memory (like having a DMA channel given to them), and will have firmware loaded into them by the AP at boot. After which, they can damage the integrity and privacy of your 100%-OSS AP software.
The baseband, particularly, is of concern because it's connected to the outside world, and is powerful and complex. And almost always closed, and provided by an American company (Qualcomm).
The baseband, particularly, is of concern because it's connected to the outside world, and is powerful and complex. And almost always closed, and provided by an American company (Qualcomm).