- However, the microcontroller is vulnerable to manipulation attacks because cryptographic operations are still performed on it. In theory, a hacker could modify the software on the microcontroller flash memory to steal the user's crypto by introducing biased entropy and seed generation or manipulating the nonce of ECDSA signatures.
So, reformatting the device and updating the software/firmware should prevent such a supply chain attack.
I think Ledger's Donjon security team is trying to prove itself rather than this being a serious security vulnerability.