The Man-in-the-middle attack, is that cyber attack that alters communication between two parties, in particular when a Hacker interposes between you and the object with which you are interacting. As for the Hardware wallets manufacturers adopt various technologies to ward off this problem.
Starting from a physical alteration on the devices, the hacker, opening the hardware wallet can modify the components and install a modified firmware, for this manufacturers adopt various solutions, For example, Trezor puts burglary seals on the device and on the box to prevent them from being opened. You must be careful that the box is intact and does not present tampering, the same for the manufacturer Ledger, always check that the box is intact. In addition, Ledger uses a proprietary firmware (Bolos) and every time it is started, it verifies that it is authentic.
To overcome other types of hardware attacks, wallet manufacturers use mechanical keys such as Ledger and Trezor, or have the numbers to type the pin on the screen randomly as with the Trezor T.
Other very important advice is to always check the wallet address that appears on the wallet screen compared to the one displayed on the PC monitor, some malware may change the sending address of your currencies, shortly before validating the transaction and you would end up confirming the transfer to a different address.