This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our private policy>

Report Vulnerabilities

Security vulnerability refers to the defect or weakness that may be exploited to breach the system security mechanism in the system design, deployment, operation or management.

Vulnerability reporters can submit potential vulnerabilities to Huawei PSIRT by email. As the vulnerability information is extremely sensitive, we strongly recommend you to use our public PGP key to encrypt the information when you report a potential security vulnerability to Huawei PSIRT(link to the key: key ID 0x7E3C7F69; fingerprint: DC9D 0676 B289 30A1 D12C 765A 6461 9D10 7E3C 7F69). Please direct these emails to psirt@huawei.com. It is important to include at least the following information in the email:

  • Organization and contact name
  • Products or solutions and versions affected
  • Description of the potential vulnerability
  • Supporting technical details (such as system configuration, traces, description of exploit/attack code, sample packet capture, proof of concept, steps to reproduce the issue)
  • Information about known exploits
  • Disclosure plans, if any 
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance. The security vulnerabilities identified by TAC will be escalated through internal process to PSIRT for resolution. The link is below:

TAC for Carrier Customer:

http://support.huawei.com/support/pages/news/NewsInfoAction.do?actionFlag=view&doc_id=IN0000034614&colID=ROOTENWEB%7CCO0000000169%7CCO0000003000

TAC for Enterprise Customer:
http://support.huawei.com/enterprise/NewsReadAction.action?contentId=NEWS1000000563 

TAC for Terminal Customer:
http://consumer.huawei.com/en/support/index.htm