It depends, some M-devices are iOS and iPadOS devices, which would have this hardware issue but don't have actual background processing, so I don't believe it's possible to exploit it the way described.
On Mac, if they have access to your device to be able to set this up they likely have other, easier to manage, ways to get what they want than going through this exploit.
But if they had your device and uninterrupted access for two hours then yes.
Someone who understands it all more than I do could chime in, but that's my understanding based on a couple of articles and discussions elsewhere.