Huawei Routers Contain Multiple Vulnerabilities, Experts Claim

The security of routers made by Chinese firm Huawei Technologies has been called into question by two network-security experts at the Defcon hacking convention.

They said the Huawei routers have very few modern security protections and contain easy-to-find vulnerabilities.

Security Claims

The two researchers – Felix “FX” Lindner and Gregor Kopf, both of Recurity Labs – analysed two small-office routers made by Huawei and found a number of vulnerabilities. The ease with which the flaws were exploited shows that the company appears to have a security process reminiscent of the 1990s, complete with a lack of response to bug reports, Lindner stated in an email interview.

“It’s 1990s code and operating system design,” said Lindner, who heads up Recurity Labs. “The OS has absolutely no mitigations in place; to the contrary, it even has functionality to help you exploit it.”

Huawei, an information and communications technology company with $32 billion (£20.6bn) in sales, has grown quickly since its founding in 1988, threatening established makers of network equipment, such as Cisco Systems. In April, Cisco’s CEO called Huawei a more significant rival than its other domestic competitors, such as Hewlett-Packard. In somewhat prescient comments, CEO John Chambers accused Huawei of not playing by the rules and said customers should be worried about the security of the Chinese firm’s products.

“When you look at companies, one of the things you don’t want to do … you don’t want to have people doubting, will you copy their intellectual property,” Chambers told The Wall Street Journal. “You don’t want to have them doubting about is there security issues, etc.”

Huawei has opened up more about details on the company’s finances but has downplayed its ambitions against other networking vendors.

Modern Measures

Still, the networking vendor needs to do better about the actual security of its products, said Lindner. The company’s routers lack modern security measures, such as the ability to limit the execution of certain portions of memory and randomising the addresses where programs are loaded, a feature known as address space layout randomization (ASLR), he said.

“The low cost of these devices comes at a price: security,” said Lindner.

The key vulnerability, a heap overflow in the router software, combined with the lack of security defenses, makes the routers easy to exploit.

The vulnerabilities “were pretty easy to find and we suspect more of them in the code base,” said Lindner.

The researchers were not able to determine the contact point for the company. Following the Defcon talk on 29 July, the networking vendor issued a statement indicating that vulnerability reports can be sent to their Network Security Incident Response Team (NSIRT), a fact that is not clear from the information online, said Lindner.

In a statement released to the Agence France-Presse, Huawei countered that its system for responding to vulnerabilities and security issues is active and ready.

“Huawei adopts rigorous security strategies and policies to protect the network security of our customers, and abides by industry standards and best practices in security risk and incident management,” the company told AFP.

Think you know security? Test yourself with our quiz!