Vodafone is Challenging Huawei Report of Telnet 'Backdoor'

Vodafone is Challenging Huawei Report of Telnet 'Backdoor'

Vodafone is challenging a Bloomberg report that security vulnerabilities and backdoors within Huawei networking equipment could have allowed unauthorized access to its fixed-line carrier network in Italy.

The vulnerabilities and backdoors were found in home routers, optical service nodes and broadband network gateways by Vodafone in Italy in 2011 and 2012, Bloomberg reports. Vodafone and Huawei, which remains a Vodafone partner, say the issues were fixed at the time.

Huawei officials couldn't immediately be reached for comment, but the company tells Bloomberg "there is absolutely no truth in the suggestion that Huawei conceals backdoors in its equipment."

The story is causing a stir in part due to terminology. Bloomberg refers to telnet functionality that had been enabled in some Huawei home routers as a "backdoor." Vodafone says that's not the case, but rather that telnet was present for diagnostic purposes but should have been removed.

While the two companies appear to be on the same page now, Bloomberg cites internal documents indicating that Vodafone was irritated with Huawei for re-enabling telnet, which was discovered in another check.

Absent in the story, however, is deeper detail about the vulnerabilities within optical service nodes and broadband network gateways.

The story comes as Huawei faces continued criticism and questions on multiple fronts. The Beijing-based manufacturer continues to refute allegations that it may be influenced by the Chinese government or vulnerable to having its networking equipment and reach be manipulated for intelligence purposes (see Huawei Security Shortcomings Cited by British Intelligence).

Over the past few years, several countries have banned the use of Huawei equipment. Also, its CFO, Meng Wanzhou, faces charges in the U.S. tied to the company allegedly evading sanctions against Iran.

The 'Backdoor': Telnet

As far back as October 2009, Vodafone had spotted telnet functionality within routers, Bloomberg reports. An internal presentation from that time highlighted 26 vulnerabilities in routers, including six "critical" ones and nine categorized as "major."

After testing by an independent contractor, Vodafone Italy found a "telnet backdoor" in January 2011, Bloomberg reports. That posed risks to Vodafone's wide area network, Bloomberg contends.

If it could be posted, it would be posted already, unfortunately. But the issue is not "a telnet service enabled". It is "an undocumented telnet service with hardcoded credentials found by testing, removed upon complaints and then added again in a different way".

— Stefano Zanero (@raistolo) April 30, 2019

Huawei inserted an undocumented, hidden telnet daemon that could have allowed administrative control over routers, Bloomberg reports. But Vodafone takes issue with Bloomberg's use of the term "backdoor" as well as its potential for abuse.

"The 'backdoor' that Bloomberg refers to is telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions," according to a Vodafone statement. "It would not have been accessible from the internet. Bloomberg is incorrect in saying that this 'could have given Huawei unauthorized access to the carrier's fixed-line network in Italy.'"

Advertisement
Marvel Stuff

Telnet is often used to administer routers, and its presence is not unusual, although it can pose a security issue if configured incorrectly or left directly exposed to the internet. But Bloomberg reports that at that time Vodafone didn't allow router manufacturers to manage routers using telnet.

Vodafone says telnet's presence on the routers "was nothing more than a failure to remove a diagnostic function after development."

Irritation with Huawei

Internal Vodafone documents cited by Bloomberg, however, point to past tension.

Vodafone asked Huawei to remove the telnet function, but further testing showed it remained. Then, Huawei allegedly refused to remove telnet, saying it needed the functionality for configuration and testing.

Bloomberg cited an April 2011 internal document written by Bryan Littlefair, Vodafone's CISO at the time.

"What is of most concern here is that actions of Huawei in agreeing to remove the code, then trying to hide it, and now refusing to remove it as they need it to remain for 'quality' purposes," Littlefair wrote, according to Bloomberg.

Bloomberg didn't publish those documents, which may shed greater light on Littlefair's broader thinking toward Huawei. Littlefair, who now is CEO of Cambridge Cyber Advisors, couldn't be immediately reached for comment.

One of Bloomberg's sources is Stefano Zanero, an associate professor of computer security at Politecnico di Milano University. Zanero wrote on Twitter that he has seen the internal Vodafone report that Bloomberg cited, but that it couldn't be publicly posted.

The issue isn't just that telnet was enabled, Zanero writes: "It is 'an undocumented telnet service with hardcoded credentials found by testing, removed upon complaints and then added again in a different way.'"

Still, many computer security experts felt the story has cast an unnecessarily negative light on Huawei, at least given the supposed evidence.

"I saw the report too, it's bullshit in angle," writes Kevin Beaumont, a security researcher based in the U.K. Millions of routers and switches across the world have telnet enabled. Cisco's had something like seven actual backdoor accounts this year so far, I wait for the similar Bloomberg report about them."

Advertisement

#Business Tech News

1 comment

  • Warren
    Warren Wednesday, 08 May 2019 03:57 Comment Link

    It's very simple to find out any matter on net as compared to books, as I found this paragraph at this web
    page. Hey there! I've been following your weblog for some time now and finally got
    the courage to go ahead and give you a shout out
    from Humble Texas! Just wanted to mention keep up the
    fantastic job! I will immediately snatch
    your rss as I can’t find your email subscription link or newsletter service.
    Do you’ve any? Please let me understand so that I may just subscribe.
    Thanks. http://dell.com

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top

Popular Cyber News

Top Tips to Protect Your Business Against Social Media Mistakes

Top Tips to Protect Your Business Against Social Media Mistakes

11 May, 2019

Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or ...

Study Shows Extent of Cyber Risk

Study Shows Extent of Cyber Risk

10 May, 2019

A new study shows SMBs face greater security exposure, but large companies still support vulnerable systems as well. ...

How to Secure your Azure Storage accounts

How to Secure your Azure Storage accounts

14 May, 2019

Enterprise data is growing exponentially and becoming more complicated, making it harder to manage, and an even bigger c...

Vodafone is Challenging Huawei Report of Telnet 'Backdoor'

Vodafone is Challenging Huawei Report of Telnet 'Backdoor'

01 May, 2019

Vodafone is challenging a Bloomberg report that security vulnerabilities and backdoors within Huawei networking equipmen...

Malware: Doesn't need to be new to cause serious damage

Malware: Doesn't need to be new to cause serious damage

05 May, 2019

The good news is: The development of new malware exploits has slowed significantly.

Microsoft adds Plug and Play to IoT

Microsoft adds Plug and Play to IoT

03 May, 2019

Microsoft just announced that it wants to add the advantages of Plug and Play, which allows you to plug virtually any pe...

Twitch streamers take action to secure their accounts against hacks

Twitch streamers take action to secure their accounts against hacks

30 April, 2019

Twitch has an account hacking problem.

Over 22 billion IoT devices are out there

Over 22 billion IoT devices are out there

20 May, 2019

Enterprise Internet of Things (IoT) remains the leading segment, accounting for more than half of the market, with mobil...

Lessons learnt from cyber attacks

Lessons learnt from cyber attacks

07 May, 2019

Communication about cyber attacks emerged as another key theme in the panel discussion. The SingHealth data breach under...

Categories

Home Tech Reviews UK

Mobile Tech Reviews UK

×

Sign up to keep in touch!

Be the first to hear th latest Cyber and Tech News straight to your mailbox.

Check out our Privacy Policy & Terms of use
You can unsubscribe from email list at any time