>>37366374they have a vulnerability in the real only bootrom (can't be patched)
>The USB software stack provided inside the boot instruction rom (IROM/bootROM) contains a copy operation whose length can be controlled by an attacker. By carefully constructing a USB control request, an attacker can leverage this vulnerability to copy the contents of an attacker-controlled buffer over the active execution stack, gaining control of the Boot and Power Management processor (BPMP) before any lock-outs or privilege reductions occur. This execution can then be used to exfiltrate secrets and to load arbitrary code onto the main CPU Complex (CCPLEX) "application processors" at the highest possible level of privilege (typically as the TrustZone Secure Monitor at PL3/EL3).Nintendo have been shipping bootrom patched models since July 2018, 5.0.0 firmware+ have no hacks unless you have a bootrom vulnerable switch (firmware doesn't matter on the first 18-20 switches)