This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy (update in May 2018) >

Security Notice - Statement on the UAP2105 Vulnerability Mentioned at the BlackHat USA Conference

  • Initial Release Date: Aug 06, 2015
  • Last Release Date: Sep 02, 2015


Huawei noticed that security researchers Alexey Osipov and Alexander Zaitsev gave a presentation titled "Adventures in Femtoland: 350 Yuan for Invaluable Fun" at the BlackHat USA 2015 Conference on August 5 2015 and mentioned Huawei UAP2105 in the presentation. Huawei immediately launched an investigation.

Huawei has finished the investigation and confirmed that the UPA2105 product was affected by this vulnerability. Fix for UAP2105 is available. Huawei PSIRT has released a security advisory (SA). The link is:

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-452865.htm

2015-09-02 FINAL Update the progress and add the SA link

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.