There's a series of different problems. One of them pertains to the potential for equipment to be updated in ways that are detrimental to Canada's national security interests. This could involve a firmware update that modifies the way the most basic elements of the boards operate. It could also involve modifications to the software systems that are one layer up on the routing equipment.
Associated with that, there's the possibility that if there are vulnerabilities that are accidentally inserted—code has bugs all the time—the Chinese government could issue an order telling Huawei not to patch it. That may be the most significant type of vulnerability, because it would not be one that was deliberately inserted. Indeed, these types of vulnerabilities have been exploited by the members of the Five Eyes alliance as well, minus any sort of legislative requirement, as far as we know.
Those would be the primary issues. That kind of back door could then be used to modify data, which is probably as dangerous as, or even more dangerous than exfiltrating it. All of a sudden, you would be unable to determine whether the data you were receiving that was being processed through the network was accurate, inaccurate or something else.