Huawei noticed that security researcher Ankit Anubhav from NewSky Security revealed an information leak vulnerability (CVE-2018-7900) in Huawei HG product. Security researcher Ankit Anubhav has sent the vulnerability to Huawei PSIRT before disclosing the information. Huawei immediately launched a thorough investigation.
Huawei has finished the investigation and confirmed that Huawei HG product is affected by this vulnerability. Huawei has already provided a version to fix the vulnerability and has contacted the affected carrier. Huawei PSIRT will keep updating the SN, please stay tuned.
We express our appreciation for Ankit Anubhav’s concerns on Huawei.
2018-12-19 V1.0 INITIAL
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.
Customers should contact Huawei TAC (Huawei Technical Assistance Center) to get necessary support for product security vulnerabilities. For TAC contact information, please refer to Huawei worldwide website at:.