Yes, but that's actually a general trend
We see more and more idiotic standards around. With the availabilities of libraries for just about any usecase, it seems trivial to just cram them together instead of making your own lean and simple purpose built protocol.
As with most security problems, it's probably caused my immature programmers. Every programmer has an urge to build complex "castles in the sky". Mature programmers have learned to control that urge and funnel it into creating simple but flexible systems.
In a way one could say that using Linux for systems which could work with some much smaller RTOS is a problem, particularly when you run additional services on it, but any decently mature developer will try to avoid having such unneeded services in favour of a serial port on a pin header on the board.