The telecoms kit manufacturer Huawei says it has 'taken on board' criticisms of its routers' security capabilities, made by a German hacker earlier this month.
Some, including a US congressional committee, suspect the Chinese firm may be putting backdoors into its kit for the benefit of state spies (this has never been proven). However, hacker Felix Lindner told a security conference there are "so many vulnerabilities" with Huawei's equipment that backdoors would not be needed in order to intercept and manipulate traffic running through it.
Now, Reuters reported on Wednesday, Huawei security chief John Suffolk has said the company is sending a team of engineers to speak with Lindner about the flaws.
"We've very much taken on board Felix's views and you'll see over the coming period we've got a whole host of significant operations to deal with these issues," Suffolk — the former UK government CIO — was quoted as saying at a New Delhi cybersecurity conference.
The report suggests that this is a change of tack by Huawei, which does not usually co-operate with security researchers pointing out vulnerabilities in its systems.
The flaws revealed by Lindner affect a variety of Huawei's routers, from those used in core networks to those placed in customers' premises. The researcher criticised security features such as Huawei's bootloader protection, which he said was configured in a way that would make it possible to load new software on the company's routers.
Lindner's talk this month was not the first time he revealed these vulnerabilities — he covered the same ground in a July talk — but it was the first time he had Huawei representatives sitting in his audience.