This is the last day of the “Hack In the Box” (HITB) security conference, being held at Kuala Lumpur in Malaysia. With this year’s conference, HITB completed ten years, since it started back in 2003. Felix “FX” Lindner, A security researcher at the HITB event this year has identified a simple yet alarming Huawei router vulnerability. It is alarming, because according to the researcher, one does not need a backdoor program to get access to the device in the first place, and it affects all Huawei devices allowing for easy control over entire networks.
The code running on Huawei routers is archaic and is rigged with security holes. Huawei being the largest producer of telecom equipment in the world, it should take care to resolve this problem if it wants to retain its customers. Recently, Huawei is in news often, because of an ongoing investigation on Huawei and ZTE, two prominent network operators. ZDNet writes,
Lindner made headlines after DefCon in July when he presented a talk showing Chinese Huawei routers to be so riddled with security holes that they were fairly trivial – potentially ideal – for attackers to reconfigure, intercept, monitor and alter all traffic that runs through them.
Clearly, Huawei is well aware of the problem, since it was notified about the same back in July, when Lindner covered the same topic at DefCon. Huawei is having a tough time with all the bad press. However, it needs to make up and take care of this mess, before it starts World War III.