What are the security concerns regarding hardware cold wallets?

Physical devices have an inherent risk of being lost, stolen, or damaged.

There are fault-injection attacks, in which errors are introduced to alter the intended behavior of the wallet making it unusable.

An attacker can change the wallet’s firmware exposing the private key and even diminish the device’s security.

An attacker may utilize social engineering to access the user’s private key.