A vulnerability in the Peloton Bike+fitness machine has been fixed that could have allowed a threat actor to gain complete control over the device, including its video camera and microphone. McAfee security researchers Sam Quinn and Mark Bereza purchased a Peloton bike+ to poke at the underlying Android operating system and see if they could find a way to compromise the device. Android allows devices to boot a modified image using a special command called’fastboot boot,’ which loads a new boot image without flashing the device and enable the device to revert to its default software on reboot.
Source: https://www.bleepingcomputer.com/news/security/peloton-bike-plus-vulnerability-allowed-complete-takeover-of-devices/