refirm labs
  • Company
    • Leadership
    • Partners
    • Careers
    • News
    • Announcements
  • Products
    • Binwalk Enterprise (Centrifuge)
    • Binwalk Open Source
    • Product Comparison
  • Solutions
    • Enterprise IT
    • Industrial IoT
    • Telecom Providers
    • Device Manufacturers
    • Binwalk for Educators
  • Resources
  • Blog
  • Contact
  • Login
    • Binwalk Enterprise
    • Partner Portal
  • Get a DemoNew
refirm labs
refirm labs
  • Company
    • Leadership
    • Partners
    • Careers
    • News
    • Announcements
  • Products
    • Binwalk Enterprise (Centrifuge)
    • Binwalk Open Source
    • Product Comparison
  • Solutions
    • Enterprise IT
    • Industrial IoT
    • Telecom Providers
    • Device Manufacturers
    • Binwalk for Educators
  • Resources
  • Blog
  • Contact
  • Login
    • Binwalk Enterprise
    • Partner Portal
Get a Demo

Supply Chain Risk: The HiSilicon Backdoor

February 12, 2020

The HiSilicon / Xiongmai Backdoor and 3rd Party Component Risk

Last week saw a flurry of news about a research report by Vladislav Yarmak describing a backdoor in the firmware of DVR/NVR devices built using the video surveillance chips from HiSilicon (a subsidiary of Huawei). The backdoor allowed an attacker to activate the built-in Telnet service and then use hardcoded passwords to get control over the device. The firmware in question is used in devices from dozens of brands.

Huawei Backdoors

Huawei issued a statement denying that the backdoor was introduced by HiSilicon in their SoCs or SDKs. Huawei conveniently pointed the finger at other downstream vendors whose software mistakenly left “debugging” access to the devices. This software was then utilized by many different brands.

Some observers noted that the affected software came from Xiongmai, a Chinese electronics manufacturer with a well known reputation for delivering insecure devices (as covered by Brian Krebs in October 2018).

Secure Your Supply Chain Now

Confusing? What’s not confusing is that devices continue to be brought to market with critical vulnerabilities as a result of poor security practices and unclear sourcing of software components in the cyber supply chain.

Our view is that if you put remote access into firmware for testing purposes–even if it’s disabled–it should be removed before the product is released.

This is another example of 3rd party binaries being introduced into network-connected devices without proper security vetting or validation. Whether vulnerabilities are malicious or caused by human error, companies need better visibility into the security of their supply chain components.

Detecting the Backdoor with Centrifuge Platform®

We’ve had a busy week at ReFirm Labs. First we released our analyzer to detect the CableHaunt cable modem vulnerability, which is another example of supply chain risk. Then we followed up with our newest detector to identify binary firmware images containing the HiSilicon / Xiongmai backdoor:

Security Checklist Backdoor Scan

Let’s secure your supply chain. Contact us today.

Share Post
Reverse Engineering My Router&...
United States Senate | Liberty | E Pluribus Unum
Senator Urges Vendors to Secur...

Recent Posts

  • Doorbells and IoT Security Certification: Retailers Need to Step Up

    February 4, 2021

    Backdoors in popular consumer doorbells and security cameras made by Merkury/Geeni are still available from top trusted retailers in the US such as Walmart, Amazon, ...
  • Florida Tech Cybersecurity Researchers Discover Hidden Vulnerabilities in Wireless Doorbells, Cameras

    February 4, 2021

    The market for internet-connected smart doorbells and security cameras has grown substantially over the last couple of years. We recently discovered four significant vulnerabilities in ...
  • IoT Security Compliance and Enforcement

    January 4, 2021

    IoT devices will need to adopt the same basic security requirements and compliance seen in traditional IT systems. Read to learn more.
See All >
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 10
  • >>

refirm labs Logo

8110 Maple Lawn Blvd.
Suite 200
Fulton, MD 20759

info@refirmlabs.com
Call +1 (240) 389-2443
Popular
  • About Us
  • Products
  • Resources
  • Blog
Solutions
  • Enterprise IT
  • Industrial IoT
  • Telecom Providers
  • Device Manufacturers

Facebook

  • Privacy Policy
  • Terms of Use

ReFirm Labs, Inc.