Security Notice - Statement about the OpenSSL DROWN Vulnerability

Initial Release Date: Mar 02, 2016
Last Release Date: Mar 30, 2016

Huawei noticed that a DROWN (Decrypting RSA with Obsolete and Weakened eNcryption, CVE-2016-0800) vulnerability was disclosed by OpenSSL on March 1st, 2016. Huawei immediately launched a thorough investigation.

Huawei has delivered Security Advisory. Customers can get necessary support for product security vulnerabilities through Huawei local technical service. The link of the security advisory is:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-openssl-en

Revision History

2016-03-30 V1.1 FINAL added SA link
2016-03-02 V1.0 INITIAL

Huawei Security Procedures

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.

Reference links

https://www.openssl.org/news/secadv/20160301.txt

Select a Country or Region

Products

Connectivity

Computing

Cloud

Services

Industry Solutions

Consumer Support

Huawei Cloud Support

Enterprise Support

Carrier Support

Partners

Training & Certification

Developers

About Us

News & Events

Explore More

SEARCH HISTORY

Security Notice - Statement about the OpenSSL DROWN Vulnerability

Select a Country or Region

Connectivity

Computing

Cloud

SEARCH HISTORY

Security Notice - Statement about the OpenSSL DROWN Vulnerability

Online Services

Consumer Products

Huawei Cloud

Enterprise

Carrier Network