Trezor being an open architecture, at least until Trezor T, has a “bug” that allows you to extract the seed and once extracted you can brute force attack the pin.

This was solved with the secure SD function where the seed encryption key is the pin + key on the SD card (256 bits).

The attacker needs to have both (pin + sd) or it is technically impossible to brute force decrypt the seed given the length of the key.