not sure why this hasn't been posted yet but apparently fail0verflow has detailled a new hardware exploit on their website. while i admit i don't understand half of what i read , this particular part seems interesting:
anyway , here is the source
https://fail0verflow.com/blog/2018/ps4-cec/
This post outlines a way to dump EMC firmware and gain EMC code exec on any hardware revision. While the real root keys (in fuses and ROM) of EMC versions besides the first are still unknown, they could yet be recovered with side channel attacks, if someone really wanted them. Since this method is comparatively much more simple and more generic, it stands on its own as an interesting exploit.
anyway , here is the source
https://fail0verflow.com/blog/2018/ps4-cec/