The only logical conclusion that can be drawn is that the Huawei Cyber Security Evaluation Centre Oversight Board considered the shortcomings to be errors of omission, not commission.
In other words, there was no malicious intention behind the sloppiness uncovered, just plain incompetence. This is not surprising given that a majority of coders the world over have very little idea about security.
Unlike the Americans, who have been throwing mud at Huawei for years in the hope that some will stick, the British report took an evidence-based approach.
Though the Shenzhen-based company has developed a new operating system based on Linux, the report said that the security of this new OS could not be guaranteed due to existing deficiencies in engineering processes.
In some cases, the HCSEC report found that processes which were set out in Huawei's own operations manual were not being followed by its staff.
While four products had been provided to test binary equivalence - that is, to verify that the binary was built from the same source code which had been viewed - there were issues in the underlying build process, the report said.
Similarly, build-related issues made it difficult to be sure that different deployments of similar equipment had broadly the same level of security.
"For example, it is difficult to be confident that vulnerabilities discovered in one build are remediated in another build through the normal operation of a sustained engineering process," the report said.
"The ability to do so, and the end-to-end assurance that a particular source code set is precisely that used to build a particular binary would normally be satisfied as a side effect of a modern software engineering process."
Additionally, configuration management improvements, which had been driven by the UK community since 2010, had not been applied across product and platform development groups or across configuration item types (source code, build tools, build scripts, etc.).
There were other engineering issues identified as well, but the point made was the same: Huawei needs to get its house in order, or the comments will be harsher next time.
Britain's Department for Digital, Culture, Media and Sport is carrying out a review of telecommunications supply arrangements, and that review would be the final say on what kind of role Huawei plays in the UK's 5G rollout.