This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Report Vulnerabilities

Report Vulnerabilities
Security vulnerability refers to the defect or weakness that may be exploited to breach the system security mechanism in the system design, deployment, operation or management.

Vulnerability reporters can submit potential vulnerabilities to Huawei PSIRT by email. As the vulnerability information is extremely sensitive, we strongly recommend you to use our public PGP key (key ID 0xE8098249; fingerprint: D896 0828 44DF 62A5 6E6A 9EC9 AD40 C690 E809 8249) to encrypt the information when you report a potential security vulnerability to Huawei PSIRT. 

Please direct these emails to psirt@huawei.com. It is important to include at least the following information in the email:

  • Organization and contact name
  • Products or solutions and versions affected
  • Description of the potential vulnerability
  • Supporting technical details (such as system configuration, traces, description of exploit/attack code, sample packet capture, proof of concept, steps to reproduce the issue)
  • Information about known exploits
  • Disclosure plans, if any 
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance. The security vulnerabilities identified by TAC will be escalated through internal process to PSIRT for resolution. The link is below:

TAC for Carrier Customer:

http://support.huawei.com/carrier/docview!docview?nid=IN0000034614&path=NN-000005v

TAC for Enterprise Customer:
http://e.huawei.com/en/service-hotline

TAC for Terminal Customer:
http://consumer.huawei.com/en/support/index.htm