Surveillance backdoor is not introduced by the chips and SDKs provided by HiSilicon, proves Huawei

Huawei today came with a reply on a report that alleges Huawei has left a remote debugging and management tool in its firmware used in network-connected video recorders and security cameras.

A researcher mentioned in the report claimed that this security vulnerability is said to be present in the software HiSilicon (Huawei’s Chip making subsidiary) provides with its system-on-chips to customers. These components, backdoor and all are then used by an untold number of manufacturers in network-connected recorders and cameras.

HiSilicon noticed the media report about the suspected security issue in DVRs/NVRs built on HiSilicon video surveillance chips on February 4, 2020: The Telnet service can be enabled via TCP port 9530 and the default password can be exploited to log in and gain control over the device.

Following the media report, HiSilicon said it immediately investigates the security issue mentioned in the report and provides our investigation results as follows:

“The researcher did not explicitly state product models and equipment vendors but inferred that the vulnerability is introduced by HiSilicon chips merely based on that the products use HiSilicon chips and that the firmware obtains the Telnet login password from the /etc/passwd file and logs in to Telnet to get root shell” said Huawei.

The article also mentioned four vulnerabilities back from 2013 to 2017. HiSilicon analyzed the vulnerabilities and found that they were not introduced by the chips or SDKs provided by HiSilicon.

Huawei said it has got in touch with the researcher and made technical clarifications. The researcher has updated the blog information, stating that HiSilicon cannot be blamed for the issue in the specified binary. To protect the customer’s interests, HiSilicon has informed the equipment vendor for immediate handling.