If I've got this straight, an attacker would have to find a specific bug in the device's programs:
- a null pointer under reproducible conditions
- before an STM, or better still, a looping store
- and where arbitrary data can be inserted
And then be able to force a reset or execute some other vector.
And for it to work the device mustn't:
allow writes to zero page, or use ROM directly (or flash-ROM which isn't directly writable), or put its vector table elsewhere.
I'd have thought finding other security bugs might be easier.