A subsidiary of the tech giant Huawei has built backdoors in its processor technology and will not remove them, Vladislav Yarmak, who works as a systems architect at Mail.ru Group said.
According to his estimation, millions of devices around the world have the vulnerability.
A backdoor has been detected on HiSilicon processors used in digital recorders, network surveillance cameras, webcams, and more. According to him, this gap is directly related to four vulnerabilities in the chips of this brand, discovered between 2013 and 2017.
As noted by Vladislav Yarmak, he did not inform the company about his find, as he considered it was unable (or unwilling) to close the vulnerability.
In his Habr blog, he said that HiSilicon “throughout all these years could not or did not want to release the necessary corrections for the same backdoor, which, moreover, was intentionally implemented.”
He also told CNews that HiSilicon representatives did not contact him after the publication of the study, and that in public discussions he had not noticed any reaction from the company.
HiSilicon is a subsidiary of the Chinese tech giant Huawei, it was founded in 2004 and is developing processors, including Kirin for mobile devices (smartphones, tablets) and Kunpeng for servers that Huawei manufactures in Russia.
Also, in its range there are Balong communication modems and chips for various electronics. The company does not have its own factories – Taiwanese TSMC is engaged in the production of its products.
You can use the back door in HiSilicon processors by sending a series of specific commands to TCP port 9530 in network devices with chips from this manufacturer.
These commands allow you to activate the Telnet service on the device and connect to the superuser profile using the “root” login and one of six passwords – 123456, jvbzd, hi3518, k1v123, xc3511 or xmhdipc. After that, the user will be given full control over the device.
All six login / password pairs are built directly into the processor firmware and cannot be deleted or changed by the user. TCP port 9527 accepts the same passwords.
the time of publication, the exact number of devices with “leaky” Huawei processors was not known.
Vladislav Yarmak told CNews the following:
“Now other researchers have joined the work and are clarifying this, as well as looking for new features of this firmware. It is likely that only devices with modules from Xiaong Mai, which in turn are based on HiSilicon and are already branded by different manufacturers of end products for the consumer, are vulnerable to firmware. Specifically, this vulnerability clearly does not apply to tablets and smartphones – it is built into software specific for video surveillance devices.”
On the GitHub website, there is a list of devices whose technology had vulnerabilities identified in them, and the list is comprised of more than 80.
As noted by Vladislav Yarmak, there can be a lot of compromised devices around the world. He did not give the exact number, but noted that there could be from several hundred thousand to several million.
Separately, on February 12th, the Wall Street Journal reported that the US accused Huawei of spying through “technological backdoors.”
According to the outlet, US officials said Huawei has had this technology for over a decade.
The US kept this information highly classified until it started sharing it in 2019 with allies like Germany and the UK in a bid to get them to freeze out Huawei equipment from their 5G networks, the report said.
Unnamed US officials claimed that Huawei built equipment allowing it to tap into telecoms using interfaces designed only for law enforcement without alerting the carriers.
“Huawei does not disclose this covert access to its local customers, or the host nation national-security agencies,” a senior US official told the newspaper.
A Huawei spokeswoman denied these allegations:
“US allegations of Huawei using lawful interception are nothing but a smokescreen — they don’t adhere to any form of accepted logic in the cyber security domain. Huawei has never and will never covertly access telecom networks, nor do we have the capability to do so,” she said.
“Huawei is only an equipment supplier. In this role, accessing customer networks without their authorization and visibility would be impossible. We do not have the ability to bypass carriers, access control, and take data from their networks without being detected by all normal firewalls or security systems. In fact, even The Wall Street Journal admits that US oﬃcials are unable to provide any concrete details concerning these so-called ‘backdoors.'” the spokeswoman added.
In turn, Huawei had its own counter-accusations of the US, saying it was hypocritical of it to make any such claims.
“As evidenced by the Snowden leaks, the United States has been covertly accessing telecom networks worldwide, spying on other countries for quite some time. The report by the Washington Post this week about how the CIA used an encryption company to spy on other countries for decades is yet additional proof,” the spokeswoman said, and she mentioned that the Wall Street Journal showed “bias” in its reporting toward the Chinese tech giant.
MORE ON THE TOPIC:
- Huawei To Install Rostelecom’s Aurora OS On 360,000 Tablets For 2020 Census In Russia: Reuters
- “Invisible Hand of the Market”: Google Restricts Huawei’s Access to Android
- Trump Signs Executive Order Banning Huawei From US Market