On the HCI interface. That's not a OTA attack.

If an attacker can write raw data the HCI interface you are doomed anyway.

If you have access to the targets computer and their password there is an attack vector where you can feasibly gain access their files.

If and only if the host's serial or HCI driver has some undocumented exploit to gain code execution. (They probably don't)