It makes devices using those (extremely popular) chips easy to clone as you can dump the firmware (firmware that sometimes also contain secrets, like cryptographic keys or API keys).

Not world shattering, but damn annoying (I myself handle a few millions of those in a connected object deployment and at the very least it warrants a revision of the risk analysis, as the attacker level got lowered some scenarios became more likely).