Unless someone figures out how to chain this through a browser exploit
Agreed. But if someone gets code with enough privileges running on a machine, it's pretty much game over anyway (there are probably enough local exploits in the black market, let alone that you'll be able to trick people into giving a root password or accessibility access for key logging).
I don't want to downplay this vulnerability. It's bad. But if you read press coverage, it'll read like imminent doom, which overblown.
Also, we have to see if there are no workarounds. E.g. Pro/Max have two performance clusters. So, certain types of communication between apps could be required to run on separate performance clusters. We don't know if Apple doesn't have a similar undocumented flag on M1/M2. We don't know what is possible through microcode updates, etc. So many unknowns at this point.