Vodafone found security flaws in Huawei kit years ago

Vodafone has revealed that it found security flaws in equipment provided by Chinese hardware maker Huawei to its Italian business in 2011 and 2012.

The world's second largest mobile operator said that it had found security vulnerabilities in two products though both incidents were quickly resolved by the Chinese firm.

Huawei has faced increased scrutiny as the US has told its allies not to use its technology over concerns of Chinese spying. Back in January, Vodafone paused the deployment of the firm's equipment in its core networks as it waits for Western governments to give the Chinese company full security clearance.

The British government is still deciding what role Huawei's equipment will play in a future 5G network but it plans to announce its final decision in the next month.

A government report released in March criticized the company for failing to fix long-standing security issues. British security officials said that they had found “several hundred vulnerabilities and issues” with Huawei's equipment in 2018.

Security flaws

The software vulnerabilities discovered by Vodafone in 2011 and 2012 were promptly fixed by Huawei and the telecom said that it had found no evidence of any unauthorized access.

A spokesperson for the company provided more details on the vulnerabilities, saying:

“The issues were identified by independent security testing, initiated by Vodafone as part of our routine security measures, and fixed at the time by Huawei.” 

According to Vodafone, the vulnerabilities arose from the use of Telnet which is a protocol used by vendors to perform diagnostic functions. Telnet allows equipment manufacturers to communicate with their products after they have been deployed.

Via Reuters



from TechRadar - All the latest technology news http://bit.ly/2GTJZII

Comments