Only if the vendor isn’t plying malware themselves.

The only solution is to force some semblance of user agency on those models, such that the vendor isn’t imposing from above.