This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our private policy>

Security Notice - Statement on the Media Disclosure of the Security Vulnerabilities in the Intel CPU Architecture Design

  • Initial Release Date: Jan 04, 2018
  • Last Release Date: Apr 09, 2018

Huawei noticed that media had released information about the security vulnerabilities in the Intel CPU architecture on January 2, 2018. These vulnerabilities allow attackers to obtain kernel memory data through side-channel attacks. On January 3, 2018, Google project Zero disclosed the detailed information of "Meltdown" and "Spectre". Huawei immediately started analysis and investigation and communicated with related CPU and operating system suppliers.

The customers can deploy Huawei NGFWs (Next Generation Firewall) or data center firewalls, and upgrade the IPS signature database to the latest version IPS_H20011000_2018010800 released on January 8, 2018 to detect and defend against this vulnerability exploits initiated from the Internet.

Huawei has delivered Security Advisory (SA) for these vulnerabilities. The link of the SA is: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180106-01-cpu-en. The investigation is still ongoing. Huawei PSIRT will keep updating the SN, Please stay tuned.

Customers should contact Huawei TAC (Huawei Technical Assistance Center) to get necessary support for product security vulnerabilities. For TAC contact information, please refer to Huawei worldwide website at: http://www.huawei.com/en/psirt/report-vulnerabilities.

Carrier customers can log into Huawei Support website to obtain information about the impact: http://support.huawei.com/carrier/docview!docview?nid=NEWS2100007595&path=PBI1-8132379

Affected Products:

1288H V5                    

DH620 V2                    

MateBook X                  

2288H V5                    

DH621 V2                     

N2000 Appliance             

AnyOffice                   

DH626 V2                    

OceanStor T3200             

AR100                       

DH628 V2                    

OceanStor T3500             

AR100-S                     

eAPP610                     

RH1285                      

AR110-S                     

eCNS210                     

RH1288 V2                   

AR120                       

eCNS600                     

RH1288A V2                  

AR120-S                      

eLog                        

RH2265 V2                   

AR1220C                     

eSpace 8950                 

RH2268 V2                   

AR1500                      

eSpace AEP                  

RH2285                      

AR151-S2                    

eSpace BIR                  

RH2285 V2                   

AR160 (Exclude AR160F)      

eSpace CAD                  

RH2285H V2                  

AR160-S (Exclude AR160F-S)  

eSpace DEC6001-E            

RH2288 V2                    

AR2204-XGE                  

eSpace ECS                  

RH2288A V2                  

AR3600                      

eSpace ICS                  

RH2288E V2                  

AR500                       

eSpace POP                   

RH2288H V2                  

AR510                       

eSpace U2980                

RH2485 V2                   

AR532                       

eSpace U2990                

RH2488 V2                   

AR550C                      

eSpace UMS                  

RH5485 V2                   

AR550E                      

eSpace USM                  

RH5885 V2                   

BH620 V2                    

eSpace VCN3000              

RH5885 V3                   

BH621 V2                     

EulerOS                     

RSE6500                     

BH622 V2                    

FusionCompute               

SC                          

BH640 V2                    

FusionModule1000A           

SMC2.0                      

CH121                        

FusionModule2000            

SRG1320E                    

CH140                       

Huawei solutions for SAP HANA

SRG550C                     

CH220                       

iManager NetEco 6000        

T6000                        

CH221                       

iManager T2000              

UC Audio Recorder           

CH222                       

ManageOne                   

VCM                         

CH240                       

MateBook                    

VP9630                      

CH242                       

MateBook D                  

VP9660                      

CH242 V3                    

MateBook E                  

XH321 V2                    

DH321 V2                    


Products Confirmed Not Vulnerable:

AC6605

FusionAccess

OceanStor S5600T

AD9430DN-12-FAT

FusionManager

OceanStor S5800T

AD9430DN-24-FAT

iManager U2100

OceanStor S5900

AP2050DN

IPC6112-D

OceanStor S6800T

AP2050DN-E

IPC6122-D

OceanStor S6900

AP2050DN-S

IPC6122-P

OceanStor SNS2120

AP4030TN

IPC6232-IR

OceanStor SNS2124

AP4050DN-E

IPC6611-Z30-I

OceanStor SNS2224

AP4050DN-HD

IPC6621-Z30-I

OceanStor SNS2248

AP430-E

IPE

OceanStor SNS2624

AP5030DN-C

MicroDC

OceanStor SNS3096

AP6010DN-AGN

NetCOL

OceanStor SNS3664

AP6050DN

NetEngine16EX

OceanStor SNS5120

AP6150DN

NIP5000I

OceanStor SNS5192

AP7050DE

OceanStor 18500

OceanStor SNS5384

AP7050DN-E

OceanStor 18500 V3

OceanStor SNS5604

AP8130DN-W

OceanStor 18500 V5

OceanStor SNS5608

AP9131DN

OceanStor 18500F V3

OceanStor Toolkit

AR1200(Exclude AR1220C)

OceanStor 18500F V5

OceanStor UltraPath

AR1200-S

OceanStor 18800

OceanStor VIS6300

AR150

OceanStor 18800 V3

OceanStor VIS6600

AR150-S(Exclude AR151-S2)

OceanStor 18800 V5

OceanStor VIS6600T

AR160F

OceanStor 18800F

OceanStor VTL Solution

AR160F-S

OceanStor 18800F V3

OceanStor VTL6900

AR200

OceanStor 18800F V5

OptiX RTN 620

AR200-S

OceanStor 2200 V3

R250D-E

AR2200(Exclude AR2204-XGE)

OceanStor 2600 V3

RP200

AR2200-S

OceanStor 2600F V3

S12700

AR2500

OceanStor 2800 V3

S5700

AR28-11

OceanStor 2800 V5

S7700

AR29-21

OceanStor 5100 V3

S9700

AR3200

OceanStor 5300 V3

Seco VSM

AR3200-S

OceanStor 5300 V5

Secospace AntiDDoS1500-D

AR46-40

OceanStor 5300F V5

Secospace AntiDDoS1520

AR46-80

OceanStor 5500 V3

Secospace AntiDDoS1550

AR49-45

OceanStor 5500 V5

Secospace AntiDDoS8000

AR530(Exclude AR532)

OceanStor 5500F V3

Secospace AntiDDoS8030

AR550(Exclude AR550C/ AR550E)

OceanStor 5500F V5

Secospace AntiDDoS8080

AR-DCP

OceanStor 5600 V3

Secospace AntiDDoS8160

ASG2050

OceanStor 5600 V5

Secospace USG6600

ASG2100

OceanStor 5600F V3

SeMG9811

ASG2150

OceanStor 5600F V5

SMSC

ASG2200

OceanStor 5800 V3

SMSGW

ASG2600

OceanStor 5800 V5

SoftCo

ASG2800

OceanStor 5800F V3

SRG1300(Exclude SRG1320E)

CloudEngine 12800

OceanStor 5800F V5

SRG2300

CloudEngine 5800

OceanStor 6800 V3

SRG3300

CloudEngine 6800

OceanStor 6800 V5

TE Desktop

CSB

OceanStor 6800F V3

TE Mobile

DP300

OceanStor 6800F V5

TE30

DSM

OceanStor 6900 V3

TE30-V

E6000

OceanStor 9000

TE40

E6000 Chassis

OceanStor 9000S

TE50

EG860-D61

OceanStor Backup Software

TE60

ES3000

OceanStor BCManager

TP3106

eSpace 7800 Series

OceanStor DJ

UAP3300

eSpace 7910

OceanStor Dorado2100 G2

UMA

eSpace 7950

OceanStor Dorado5000 V3

UPS2000

eSpace IAD

OceanStor Dorado5100

USG9500

eSpace Mobile

OceanStor Dorado6000 V3

USG9520

eSpace NVR6008

OceanStor HDP3500E

USG9560

eSpace NVR6008-1U

OceanStor HVS85T

USG9580

eSpace NVR6016

OceanStor HVS88T

VC Integration Module

eSpace NVR6032

OceanStor N8500

ViewPoint 8660

eSpace POM

OceanStor Onebox

ViewPoint GK

eSpace SBC

OceanStor ReplicationDirector

ViewPoint MM

eSpace U1910

OceanStor S2200T

ViewPoint RM

eSpace U1911

OceanStor S2600T

VPC620

eSpace U1930

OceanStor S2900

VPC800

eSpace U1960

OceanStor S3900

X6000

eSpace U1980

OceanStor S5500T

X8000

eSpace U1981


2018-04-09 V2.1 Updated Update the list of the affected and not affected products
2018-02-27 V2.0 Updated Update the security notice description information
2018-02-24 V1.9 Updated Update the list of the affected and not affected products
2018-02-11 V1.8 Updated Update the list of the affected and not affected products
2018-01-26 V1.7 Updated Update the list of the affected and not affected products
2018-01-25 V1.6 Updated Update the list of the not affected products
2018-01-18 V1.5 Updated Added the list of the affected products
2018-01-12 V1.4 Updated Added the list of the affected products
2018-01-11 V1.3 Updated Added the list of the affected products
2018-01-09 V1.2 Updated Added the list of the affected products
2018-01-06 V1.1 Updated Added the list of the affected products and SA link
2018-01-04 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.