Vodafone identified Huawei security flaw decade ago

LONDON — British telecoms group Vodafone tackled a security flaw with Huawei technology a decade ago, it was revealed Tuesday amid widespread concerns over the Chinese giant developing 5G networks abroad.

Bloomberg reported that Vodafone, Europe’s biggest mobile phone company, identified hidden so-called backdoors in software that could have handed Huawei unauthorized access to the carrier’s fixed-line network in Italy used to connect to the internet.

The financial news wire cited Vodafone’s security briefing documents from 2009 and 2011.

Vodafone confirmed to AFP that the issues were resolved but stressed it was incorrect to suggest that the flaw could have allowed unauthorized access to Italy’s fixed-line network.

“The ‘backdoor’ that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet,” Vodafone said in an emailed statement.

“The issues were identified by independent security testing, initiated by Vodafone as part of our routine security measures, and fixed at the time by Huawei,” it added.

Responding to the Bloomberg report, Huawei said:

“We were made aware of historical vulnerabilities in 2011 and 2012 and they were addressed at the time. Software vulnerabilities are an industry-wide challenge.”

Huawei added in its statement that the Chinese group has “a well established public notification and patching process, and when a vulnerability is identified we work closely with our partners to take the appropriate corrective action”.

Huawei is facing pushback in some Western markets over fears Beijing could spy on communications and gain access to critical infrastructure if allowed to develop foreign 5G networks offering instantaneous mobile data transfer.

The United States is adamantly opposed to Huawei’s involvement because of the firm’s obligation under Chinese law to help its home government gather intelligence or provide other security services when required.

British Foreign Secretary Jeremy Hunt has meanwhile urged caution over the role of Huawei in the UK, saying the government should think carefully before opening its doors to the technology giant to develop next-generation mobile networks.

His comments Monday came after media reports said Prime Minister Theresa May had conditionally allowed Huawei to build the UK 5G network.

Bloomberg added in its report that Vodafone chief executive Nick Read “has joined peers in publicly opposing any bans on Huawei from 5G rollouts, warning of higher costs and delays”.

Read more...