Yep, that's why it's best to multi-sig with multiple manufacturers. A quorum would need to be compromised and collude to rob you.

This backdoor is really naive. If there's a backdoor in a major hardware hardware wallet, it's likely some kind of deterministic entropy.