Istio Exposed Ports and Security

The documentation contains a list of the ports used by Istio (https://istio.io/latest/docs/ops/deployment/requirements/#ports-used-by-istio).

Can anyone direct me to any further information discussing what precisely these various ports are used for - and in particular any security analyses related to these (i.e. are any of the open ports likely to provide an surface for attack, particularly from an attacker with some toehold already within the cluster)?