Huawei noticed that CERT/CC released security vulnerability in WiMAX routers on the CERT/CC official website on June 8, 2017.
CERT/CC and security researcher of Sec-Consult have sent the vulnerability information to Huawei PSIRT (PSIRT@huawei.com) before disclosing the information.
Huawei immediately started investigation and analysis and confirmed that the products mentioned (Huawei BM2022, Huawei HES-309M, Huawei HES-319M, Huawei HES-319M2W, Huawei HES-339M) in the report have reached End of Service (EOS), Huawei has established a lifecycle management system and clarifies the product lifecycle strategy and product termination strategy, implementing lifecycle management in accordance with industry practices. Huawei suggested that users replace old Huawei routers with those of later products.
We express our appreciation for CERT/CC’s and Sec-Consult’s concerns on Huawei products.
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.