Vodafone Found Security Flaws In Huawei Kit

Vodafone and Huawei have admitted that the UK operator had found security flaws with equipment from the Chinese vendor, back in 2011 and 2012.

The admission comes amid an intense debate surrounding the use of Huawei equipment for 5G networks.

Vodafone of course is one of Huawei’s biggest supporters in the UK. It, alongside Three UK, have campaigned vigorously on Huawei’s behalf. Indeed, last month Vodafone warned that banning Huawei equipment would cost the UK its 5G lead.

Security flaws

But both companies have apparently admitted security flaws were discovered in technology supplied to Vodafone’s Italian network.

The flaws were so serious it could have given Huawei unauthorised access to Italian homes and businesses.

That said however, the flaws are said to have been quickly resolved, according to Reuters.

Vodafone said it had found no evidence of any unauthorized access and that Huawei could not have accessed the fixed-line network in Italy without permission.

“The issues were identified by independent security testing, initiated by Vodafone as part of our routine security measures, and fixed at the time by Huawei,” a Vodafone spokesman told Reuters.

“Software vulnerabilities are an industry-wide challenge,” Huawei said. “Like every information and communications technology vendor we have a well-established public notification and patching process, and when a vulnerability is identified we work closely with our partners to take the appropriate corrective action.”

The vulnerability centred about the use of the Telnet protocol. It allows equipment manufacturers to communicate with their products after they have been deployed.

The admission comes amid growing pressure from the United States on the using of Huawei kit.

US secretary of state Mike Pompeo has previously warned allies that “America may not be able to operate in certain environments if there is Huawei technology adjacent to that”.

And earlier this week a US cyber security official warned that America would reassess sharing information with any allies which use equipment made by China’s Huawei.

British restrictions

Last week the UK’s National Security Council (NSC) reportedly agreed to allow Huawei limited access to help build parts of the network such as antennas and other “non-core” infrastructure.

Vodafone meanwhile is said to have paused the deployment of Huawei equipment in its core networks in January, as it waits for Western governments to give the Chinese company full security clearance.

Earlier this month the technical director of the National Cyber Security Centre (NCSC) had criticised Huawei’s “very, very shoddy” security engineering and said this “poor engineering” could lead to the gear being banned from Westminster and other sensitive areas.

In March British security officials slammed the security defects in Huawei equipment, but they maintained that risks posed by the company could be managed and that they have found no evidence of malicious action on Huawei’s part.

In its fifth annual report, the Huawei Cyber Security Evaluation Centre (HCSEC), which works with the NCSC to oversee Huawei products destined for use in the UK, called attention to “major defects” in the quality of Huawei’s security and software engineering and “concerning issues in Huawei’s approach to software development”.

Do you know all about security? Try our quiz!

Tom Jowitt @TJowitt

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Recent Posts

Hacked Ring Camera Found In Child’s Bedroom

Parental nightmare. Video of young girl being shared online, shows her talking to stranger in her bedroom via hacked camera

2 days ago

Huawei Sidelined In Norway After Telenor Opts For Ericsson

Norway's largest telecom provider Telenor is to phase out Huawei equipment as it opts for 5G kit from Ericsson

2 days ago

Boris Johnson Victory: What It Means For Tech Sector

What does the general election victory of Boris Johnson and the Conservatives mean for the technology sector? Silicon UK takes…

2 days ago

Post Office Settles Horizon IT System Dispute

Post Office to pay nearly £58m after years of fraud disputes with sub postmasters over the Horizon accounting system

3 days ago

YouTube Tightens Harassment Rules With Policy Update

Harassment clampdown. Videos that “maliciously insult someone” or threaten violence will be banned

3 days ago

DoJ To Investigate Google’s Fitbit Acquisition – Report

What you going to do with that data? US Justice Depart will include acquisition probe into its existing Google investigation

3 days ago