Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Routers from China’s Huawei Vulnerable to Trivial Levels of Attack

In a talk on router hacking during Def Con on Sunday, Recurity Labs’ Felix (FX) Lindner told those in attendance that for the 20th anniversary of Def Con, the gift was China. This is because he was about to give a presentation on the seriously security challenged status of routers manufactured by Huawei.

UpdateChina’s Huawei Responds to US Hackers

In a talk on router hacking during Def Con on Sunday, Recurity Labs’ Felix (FX) Lindner told those in attendance that for the 20th anniversary of Def Con, the gift was China. This is because he was about to give a presentation on the seriously security challenged status of routers manufactured by Huawei.

UpdateChina’s Huawei Responds to US Hackers

The talk focused on the fact that Huawei routers were easily compromised. The AR series routers from Huawei (AR18 and AR29) that were tested are marketed for SMBs and smaller networks.

The firmware on the two models tested were found to be vulnerable to trivial exploits; including session hijacking, and stack overflows and heap overflows. One vulnerable function within the firmware of the routers, named ‘sprintf’, has more than 10,000 calls to it, meaning there are plenty of ways to target it.

Presently, the vulnerable hardware found in Asia and the Middle East, but that could change if Huawei gets their way, as they are pushing for expansion in Europe and the U.S.

Researchers FX and Gregor Kopf focused on routers from Huawei that are used in the home and office, but only because the equipment used by telecommunications firms was unavailable. Still, they share the same framework the researchers noted, so the big boxes are likely just as vulnerable.

Sam Erdheim, senior security strategist for network security firm AlgoSec, said that vulnerabilities such as the ones disclosed by Recurity Labs are at the root of security challenges. “It does no good to worry about threats when your core networking devices are providing attackers with an easy way to gain unauthorized access to systems and information.”

When asked about reports earlier this month that firms such as Huawei have pervasive access to a majority of the world’s telecoms. FX commented that nobody needs a backdoor, as the flaws exposed during his talk represent “plausible deniability.”  

Advertisement. Scroll to continue reading.

FX, also blasted Huawei for not having an easily accessible security contact. He hopes that the disclosure of numerous flaws will force the company to fix its problems, while acting as a wake-up call to their customers.

UpdateChina’s Huawei Responds to US Hackers

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.