From your question, and the comments, I'm not really sure what you are looking for is a pure hardware malware.
Afterall, if software failure is so hard you can't recover anything, it will basically be as bad as having to trash your hardware.
So here I have a few solutions for your, both hard science, and science fiction style.
Crypto-worm :
My dear friend, here is the most feared enemy of cyber security teams world wide : cryptolocker worms. What is a worm exactly ?
It's a kind of malware which tries to infect other computers on its own, compared to a virus which requires human action to replicate.
Why is it feared then ? They were first encountered with the WannaCry ransom-worm, a malware spreading on its own using a vulnerability
in a common obsolete protocol. The malware encrypt the whole computer, and then ask for a ransom for it to be deciphered.
A lot of companies or governemental entities where struck by this kind of malware. Even a good disaster recovery plan can be harmed
by this kind malware, as it can be dormant for months, and ready to encrypt even your offline data banks.
A cryptolocker using an unconditionnaly strong encryption algorithm will basically destroy all data banks from your enemies. You can for instance
use a one time pad : basically rewriting every bit of data with random garbage, and then dumping the "key". No one will ever be able to crack it,
no matter what technology they have at hand. Only magic could save you here.
https://en.wikipedia.org/wiki/One-time_pad
With several software flaws, one might assume the firmware are also dead at this point, requiring someone to manually reconfigure each
CPU, GPU, HDD, SSD or whatever drives you have in your setting.
Basically the main flaw would be : having a wide network with old obsolete tech, leading to many known vulnerabilites. Unfortunately
this is not uncommon for systems to be based on open source yet not supported anymore libraries, or to use legacy functionnalities. The
best way to protect from this is still to have a network with limited outside interaction, but in your setting everything seems highly
connected.
Weary malware :
If you want to impact directly the hardware, instead of rendering it unusable due to the firmware, then you have the possibility to overuse
stuff. Disable sensors from the firmware. Have a worm act on GPU, hard drive and CPU. Its goal will be to overload components with tons of useless
calculations, permanentely. It will at first only slow computers and servers. But at some point, most components will have major failures. Hard
drives are not meant to be constantly running at 100% capacity. SSDs have a long life expectancy, but much worse if you use it constantly and mess
with energy it receives. Most CPU aren't super calculators meant to last for dozens of years, they will fail pretty hard at some point.
This is not uncommon in the malware family, cryptominers exists which turns your computers into cryptocurrency miners. It can impact very negatively
your hardware, and if pushed to the limit by not trying to mine, but by trying to harm, it can definitely destroy some critical components like
the GPU or CPU. Bonus point : the useless calculation can also be a useful calculation, like using a network of all computers to brute force some
third party encryotion, or perform calculations for whatever you want (scientific programs, trajectories, etc...)
Exploding malware :
For all devices with a battery, a malware might affect sensors to disable the charging protection. The battery will go on charging, charging,
charging up to the point of exploding. Here the design flow is directly with the manufacturer, by not implementing a physical protection against
overcharging. Like Samsung batteries did in the past.
Bonus point for this one, not only will it harm devices, but it will also harm its users. Yet it work only for devices with batteries and plugged in.
Infection modus operandi :
All of the previous malwares are more or less hard science. They can pretty much happen today, though perhaps not at the global scale you'd
want. As for the method for infecting a global network, you might be interested to check supply chain attacks, or watering hole attacks :
https://en.wikipedia.org/wiki/Watering_hole_attack
https://en.wikipedia.org/wiki/Supply_chain_attack
If there is only one main supplier for critical hardware components, infecting such hardware directly at the factory is an interesting solution.
It allegedly already happened :
https://www.politico.eu/article/lithuania-china-phones-cybersecurity-concerns/
It is not at a global scale, as Xiaomi is not the main supplier of everything, and it is not 100% proved. Yet it is a very likely scenario for
a dictatorship to implement stuff in computer components produced by its industry.
Sentient artificial intelligence :
What if science fiction is a possibility ? A rogue AI is sent in your enemy's information system. The thing is basically a god for computers :
being able to change everything everywhere at light speed.
"But what if I unplug it ?" You can unplug all of your computers of course. At this point you don't have an information system anymore though.
And you still need to rewrite every component with a bit of software, which is almost everything. It might be impossible anyway
if a self aware artificial intelligence is rewriting everything quicker than you can whenever you try to rewrite anything on a chip,
drive or whatever component.
Your only solution left is to destroy all infected component, as plugging it anywhere might also infect your rather sane equipements.
Now you might ask, what vulnerability am I going to use to have a self aware AI running everywhere ? Well basically anything. A real AI would
be the ultimate apex predator, able to pentest any system anywhere. The only way you'd be safe from such thing is having some air gapped
environments protected against TEMPEST threat :
https://en.wikipedia.org/wiki/Tempest_(codename)
If nothing can enter your server room, and not a single signal can pass through it, then you're basically safe. If working in a very
advanced sci-fi setting, as far as we know, quantum entanglement might help communicate between air gapped systems without the AI ever
being able to interfere and infect your systems. But as you might guess, quantum entanglement is hard to achieve (if achievable at all
at an industrial scale).