The Trezor device has access to your private keys. Therefore, it is correct to assume that if the device is compromised, you could lose the BTC stored on it.

Can the device be compromised? For instance, can the attacker convince it to run software supplied by the attacker?

From time to time, the firmware on the device has to be updated. The update is downloaded from the site of the producer and signed with several (3? Don't recall any more) secret keys of the developers. The signatures are checked with the public keys of the developers, which are stored in the firmware of the device. Can this process be subverted?

If the PC downloading the new firmware is compromised, the malware on it can modify the new firmware - but it would invalidate the signatures. Therefore, a different approach is needed.

One possibility is if the signing (secret) keys of the developers are compromised - either by a disgruntled employee, or because they go rogue, or because the company is hacked. Such things have happened in the past. However, several keys would have to be compromised (and the breach not noticed); just one would not be enough. While not impossible, I consider this highly unlikely.

There is another approach, however - one that exploits not cryptography but human nature. We call is "social engineering" but it's basically lying and manipulation. Suppose that the malware on the compromised PC intercepts all communications to and from the company server and changes the firmware update page. It puts a HUGE warning that the company's keys have been compromised, there are new ones and the new firmware is signed with them, so trust us and ignore any warnings from the device - with screen shots of what to do and everything. (The same thing can be achieved by hacking the company's site - but that would be noticed and fixed fast enough.)

While many people will realize that something is fishy, many more would not. And a successful scam doesn't have to work on everybody - it only needs to work on enough people to be profitable.