The Russian security expert Vladislav Yarmak has published technical details about a backdoor mechanism he discovered in HiSilicon chips.
The backdoor mechanism could allow attackers to gain root shell access and full control of
The expert did not disclose the flaw to HiSilicon due to the lack of trust in the vendor to address the issue.
Earliest versions of the devices had access enabled with a static root can be recovered from with (relatively) little computation effort.
More recent firmware versions had Telnet access and debug port (9527/
“Most recent firmware versions have open port 9530/
“Apparently, all these years HiSilicon was unwilling or incapable to provide adequate security fixes for same backdoor which, by the way, was implemented intentionally.”
Below the backdoor activation p
The bad news for the users is that currently
“Taking into account earlier bogus fixes for that vulnerability (
As mitigation, users are recommended to “completely restrict network access to these devices to trusted users.”
According to the expert, there are dozens of brands and hundreds of model vulnerable to hack, he referred to previous research conducted by another researcher that listed some of the vulnerable brands.
(SecurityAffairs – HiSilicon chips, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.