The security vulnerability allowed anyone with physical access to the hardware wallet to swipe its mnemonics.