Este site utiliza cookies. Ao continuar navegando no site, você concorda com esse uso. Leia nossa política de privacidade

Corporativo Brasil [alterar]
Corporativo
Sobre a Huawei, Imprensa e Eventos e mais
Pessoal
Celulares, Computadores e Tablets, utensílios e mais
Enterprise
Produtos, soluções e serviços para empresas
Carrier
Produtos, soluções e serviços para operadoras
Huawei Cloud
Produtos e soluções baseados nos serviços da Huawei Cloud

Select a Country or Region

Security Notice - Statement on CERT/CC Disclosing the Hardcoded Key and Certificate Vulnerability in Multiple Embedded Devices

  • Initial Release Date: 2015-11-26
  • Last Release Date: 2015-11-26

Huawei has noticed that CERT/CC disclosed on its website information about multiple embedded devices using non-unique hardcoded keys and certificates. Huawei is one of the product vendors. The vulnerability was reported to CERT/CC by Stefan Viehbck from SEC Consult. CERT/CC had reported the vulnerability to Huawei PSIRT before the disclosure. Huawei launched an investigation immediately.

Huawei has confirmed that this vulnerability exists in some Huawei home gateway, WiMAX, and CPE products and is working on it. Huawei PSIRT may update the security notice anytime. Please stay tuned.

Huawei appreciates Stefan Viehbck from SEC Consult for his attention to Huawei product security and CERT/CC for reporting the vulnerability to Huawei.


2015-11-26 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.

http://www.kb.cert.org/vuls/id/566724