It's possible to manipulate emulated ROM via backdoor interface.
vulners.com/securityvulns/securityvulns:doc:27844
vulners.com/securityvulns/securityvulns:doc:27880