Sensitive information, such as session cookies, would still have leaked via the software
exploit. Yet the server's private key, which remains in the HSM, would not have leaked.
Since the hardware cryptographic co-processor runs as a physically separate machine, it is
very difficult for software exploits running on the main processor to disclose secrets in the
hardware module. In the embedded world, there are several chips that perform this key