Security vulnerability refers to the defect or weakness that may be exploited to breach the system security mechanism in the system design, deployment, operation or management.
Vulnerability reporters can submit potential vulnerabilities to Huawei PSIRT by email. As the vulnerability information is extremely sensitive, we strongly recommend you to use our public PGP key (key ID 0x7E3C7F69; fingerprint: DC9D 0676 B289 30A1 D12C 765A 6461 9D10 7E3C 7F69) to encrypt the information when you report a potential security vulnerability to Huawei PSIRT.
Please direct these emails to firstname.lastname@example.org. It is important to include at least the following information in the email:
- Organization and contact name
- Products or solutions and versions affected
- Description of the potential vulnerability
- Supporting technical details (such as system configuration, traces, description of exploit/attack code, sample packet capture, proof of concept, steps to reproduce the issue)
- Information about known exploits
- Disclosure plans, if any
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance. The security vulnerabilities identified by TAC will be escalated through internal process to PSIRT for resolution. The link is below:
TAC for Carrier Customer:
TAC for Enterprise Customer：
TAC for Terminal Customer：