Vodafone Is Said to Have Found Huawei Security Flaws From 2009

Vodafone Group has acknowledged that it found vulnerabilities going back years with equipment supplied by Huawei for the carrier’s Italian business, according to Bloomberg. While Vodafone says the issues were resolved, the revelation may further damage the reputation of a major symbol of China’s global technology prowess.

Europe’s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy. Vodafone asked Chinese company to remove backdoors in home internet routers in 2011 and received assurances from the supplier that the issues were fixed, but further testing revealed that the security vulnerabilities remained, the documents show.

Vodafone also identified backdoors in parts of its fixed-access network known as optical service nodes, which are responsible for transporting internet traffic over optical fibers, and other parts called broadband network gateways, which handle subscriber authentication and access to the internet. “In the telecoms industry it is not uncommon for vulnerabilities in equipment from suppliers to be identified by operators and other third parties,“ the company said.

Huawei said in a statement it was made aware of historical vulnerabilities in 2011 and 2012 and they were addressed at the time. A company spokesman said the flaws in the equipment related to maintenance and diagnostic functions common across the industry, as well as vulnerabilities. “There is absolutely no truth in the suggestion that Huawei conceals backdoors in its equipment.“

However, Vodafone’s account of the issue was contested by people involved in the security discussions between the companies. Vulnerabilities in both the routers and the fixed access network remained beyond 2012 and were also present in Vodafone’s businesses in the U.K., Germany, Spain and Portugal, said the peopleinvolved in the situation who asked not to be indentified. Vodafone stuck with Huawei because the services were competitively priced, they said.