Up to now, Huawei has not received any report about tool/script implantation in Huawei firewall products. To help customers detect whether their firewall device BIOSes and host software packages have been tampered with and remove implanted tools/scripts, Huawei provides a patch package for checking the integrity of the BIOSes and host software packages of the Eudemon300/500/1000 series.
Related documents and patches for carrier customers are available at:
Related documents and patches for enterprise customers are available at:
Users can also obtain them from Huawei Technical Assistance Center (TAC). For TAC contract information, please refer to http://www.huawei.com/en/psirt/report-vulnerabilities/index.htm.
PSIRT will continue to track the event. If any potential vulnerability is found in any Huawei product, we will publish a Security Advisory (SA).
2016-08-26 V1.3 UPDATE Update the link of patch package for checking the integrity
2016-08-25 V1.2 UPDATE Update the link of patch package for checking the integrity
2016-08-24 V1.1 UPDATE Add the link of patch package for checking the integrity
2016-08-23 V1.0 INITIAL
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.