Thanks PIF for posting this reply. . . but it needs more information. Let me add to your comment:
iPhones need physical access AND THE USER'S PASSCODE, plus an Apple Certificated malware designed to rewrite the firmware app on the Apple App Store, to be compromised.
You had it almost correct on the iPhone/iPad part of it. . . and that is for the completely different mode of attack of the "Spectre" malware which affects Intel, AMD, and ARM based processors.
Can’t take credit - got it from your post on another thread. You had not commented on this one so I though to spread the word. All thanks to you.