The security vulnerabilities of Huawei products have been rapidly increasing every year. Huawei recently said that there was no security problem with its products, reassuring Korean mobile operators who have to select equipment suppliers to build their 5G networks. But analysts are saying that Huawei products have increasing security vulnerabilities.
On July 2, according to CVE Detail, a website specializing in statistics on and analysis of security vulnerabilities, Huawei products were found to have 152 security vulnerabilities as of June of this year. The figure is already close to 169 vulnerabilities found last year.
If this trend holds, more than 300 security vulnerabilities are expected to be found this year alone. This figure outnumbers the combined number of security vulnerabilities found in Huawei products over the past several years. In fact, Huawei products' security vulnerabilities stood at three in 2012 and 12 in 2013 but shot up to 100 in 2016.
Although there have been continuing indications of security vulnerabilities in Huawei equipment, the Chinese company sticks to its position that there is no problem at all. At the Mobile World Congress (MWC) Shanghai 2018 in China last month, Huawei executives definitely said that there was no problem regarding information security issues. “I heard about security concerns regarding Huawei equipment in the Korea market and Huawei has been taking the issue seriously,” said Sean Meng, CEO of Huawei Korea. "Huawei has cooperated with many telecom companies while growing up but no security accidents have happened.”
However, experts say that security vulnerabilities are a serious issue as they can increase channels through which hacking and information leaks can be easily done from outside. Security vulnerabilities have been found in a wide variety of Huawei products ranging from network equipment, servers, software (SW) to operating systems (OSs) this year.
In particular, only overflow vulnerabilities totaled 41. Overflow vulnerabilities can lead to the backdoor problem, the biggest issue in security controversy as well as abnormal failures or the setting of administrator rights. A backdoor is an unauthorized pathway which allows unauthorized users to get their hands on system functions. This issue compelled the US government to prohibit the use of Huawei equipment.
"Although Huawei is emphasizing that no security mishaps have occurred until now but this goes the same for other equipment makers," a security industry expert said. "A matter of concern is not a hacking accident that can be externally revealed but a leak of people’s information via a hidden backdoor."
On the other hand, Huawei comes under criticism for security risks involving its products in China, too. A Chinese newspaper report said that Huawei developed spyware technology for the surveillance of people in February and delivered it to the public security department of the Chinese government.