Some Huawei products automatically generate self-signed certificates upon the first use. The random numbers used to generate these certificates are not random enough. Different devices’ certificates may use the same random number consequently, which contains the risk of an attacker compromising the certificates. (Vulnerability ID: HWNSIRT-2016-05255)
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160720-01-certificate-en
Vendor | Product | Version | CPE |
---|---|---|---|
huawei | s2300_firmware | v100r006c05 | cpe:2.3:o:huawei:s2300_firmware:v100r006c05:*:*:*:*:*:*:* |
huawei | s2300_firmware | v200r003c00 | cpe:2.3:o:huawei:s2300_firmware:v200r003c00:*:*:*:*:*:*:* |
huawei | s2300_firmware | v200r005c00 | cpe:2.3:o:huawei:s2300_firmware:v200r005c00:*:*:*:*:*:*:* |
huawei | s2700_firmware | v100r006c05 | cpe:2.3:o:huawei:s2700_firmware:v100r006c05:*:*:*:*:*:*:* |
huawei | s2700_firmware | v200r003c00 | cpe:2.3:o:huawei:s2700_firmware:v200r003c00:*:*:*:*:*:*:* |
huawei | s2700_firmware | v200r005c00 | cpe:2.3:o:huawei:s2700_firmware:v200r005c00:*:*:*:*:*:*:* |
huawei | s3300_firmware | v100r006c05 | cpe:2.3:o:huawei:s3300_firmware:v100r006c05:*:*:*:*:*:*:* |
huawei | s3700_firmware | v100r006c05 | cpe:2.3:o:huawei:s3700_firmware:v100r006c05:*:*:*:*:*:*:* |
huawei | s5300_firmware | v200r003c00 | cpe:2.3:o:huawei:s5300_firmware:v200r003c00:*:*:*:*:*:*:* |
huawei | s5300_firmware | v200r005c00 | cpe:2.3:o:huawei:s5300_firmware:v200r005c00:*:*:*:*:*:*:* |