From the Executive Summary:
Each "red team" was to try to compromise the accuracy, security, and integrity of the voting systems without making assumptions about compensating controls or procedural mitigation measures that vendors, the Secretary of State, or individual counties may have adopted. The red teams demonstrated that, under these conditions, the technology and security of all three systems could be compromised.
If thats not bad enough:
The key one is that the results presented in this study should be seen as a "lower bound"; all team members felt that they lacked sufficient time to conduct a thorough examination, and consequently may have missed other serious vulnerabilities.
Oh and they were able to overwrite the firmware on each machine without trouble.... more than a little disturbing.