The Russian security expert Vladislav Yarmak has published technical details about a backdoor mechanism he discovered in HiSilicon chips.
The backdoor mechanism could allow attackers to gain root shell access and full control of
The expert did not disclose the flaw to HiSilicon due to the lack of trust in the vendor to address the issue.
Earliest versions of the devices had access enabled with a static root can be recovered from with (relatively) little computation effort.
More recent firmware versions had Telnet access and debug port (9527/
“Most recent firmware versions have open port 9530/
“Apparently, all these years HiSilicon was unwilling or incapable to provide adequate security fixes for same backdoor which, by the way, was implemented intentionally.”
Below the backdoor activation p
The bad news for the users is that currently
“Taking into account earlier bogus fixes for that vulnerability (
As mitigation, users are recommended to “completely restrict network access to these devices to trusted users.”
According to the expert, there are dozens of brands and hundreds of model vulnerable to hack, he referred to previous research conducted by another researcher that listed some of the vulnerable brands.
(SecurityAffairs – HiSilicon chips, hacking)