That’s the ironic part.

Plenty of consumer-grade devices have had very lax security settings or backdoors baked in for purposes of “troubleshooting” and recovery assistance. It’s never been limited to foreign-made devices.

Security has never been part of the review process. The only time any agency has really cared is when encryption is involved, and that’s just been the FBI wanting it to be neutered so they can have their own backdoors.