You should probably read this before believing your “inner skeptic” https://www.apple.com/business/docs/site/iOS_Security_Guide....
That said, it is most likely “just” a computer that talks to the phone over USB and uses a chain of software exploits. It has to take over first the application processor, then the Secure Enclave, in order to bypass the passcode entry rate limit. The rate limit is key. iOS encrypts user data based on the passcode, so without guessing the passcode there’s no way to get at the data short of breaking AES. But you can guess. Passcodes default to 6 digits, creating only 1 million possibilities, low enough to bruteforce. Even if the bruteforcing has to be done on-device (because the passcode is tangled with device-specific keys managed in hardware), and even if repetitive crypto operations are added to make the key derivation take longer (not sure), key derivation can’t take too long or it would negatively impact the user experience, and 1 million is just really low. The only way to make a 6-digit passcode secure is to make the nth access attempt take (exponentially) longer than the first, a restriction that can’t be done with pure crypto but requires some trusted software to enforce. Which can be hacked.
That said, if you’re planning to do something sketchy, you can set a long non-numeric passcode and you’ll probably be immune to whatever Cellebrite is doing. (Unless they’re recovering the passcode itself from… somewhere. It’s not supposed to be stored, but bugs are possible.)
Source: iOS Security Guide