Fun vulnerabilities in this class include Medtronic insulin pumps - they listen for commands on a radio interface, and broadcast all the (rather limited) information you need to remote control them. Oh, and you can’t disable the radio interface, because reasons. To the best of my knowledge they still haven’t fixed it, though I hope I’m wrong.
