
Researcher Discloses Critical Flaws Affecting Millions of HiSilicon Chips - ajaviaad
https://cyware.com/news/researcher-discloses-critical-flaws-affecting-millions-of-hisilicon-chips-bc25313a
======
thedingwing
There was an article a few days ago about a software backdoor built by a
different company that was unrelated to the actual silicon. Is this the same
vulnerability, or is this one actually implemented in silicon?

~~~
yorwba
The link to the PoC is the same as for this submission:
[https://news.ycombinator.com/item?id=22251329](https://news.ycombinator.com/item?id=22251329)

Same vulnerability. The reason HiSilicon couldn't provide the fix is that they
didn't write the firmware running on those devices, Xiongmai did. This
information was added as an update to the original writeup.

~~~
fisherjeff
More interesting info on Xiongmai if anyone’s unfamiliar:

[https://krebsonsecurity.com/2018/10/naming-shaming-web-pollu...](https://krebsonsecurity.com/2018/10/naming-shaming-web-polluters-xiongmai)

------
stmw
HiSilicon is a subsidiary of Huawei
[https://en.wikipedia.org/wiki/HiSilicon](https://en.wikipedia.org/wiki/HiSilicon)

------
fallous
I'm probably picking nits, but is something intentionally designed and
implemented a "flaw" if it works as intended?

~~~
yumraj
You're right, depends on the perspective.

From the Huawei/CCP standpoint it's a feature. For everyone else, it's a flaw.

~~~
fallous
Indeed, and the fact that this was an intentional design tells you who they truly
believe is their primary "customer."

~~~
yorwba
If the intention was to allow telnet login over the internet, they'd also have
added hole punching so accessing the port doesn't require bypassing the
firewall.

The design is more consistent with a debug feature intended for
troubleshooting by someone on the same LAN. Of course the debug interface
shouldn't be so easy to access, but that's just stupidity, not malice.

