The UK NCSC has been pretty damning about Huawei’s approach to patching. The Italians are joining in now…:
[…] These vulnerabilities over web applications, as new as it may sound, isn’t to those who’ve been keeping track of Huawei these last several weeks. Finite State published its own scathing report of Huawei’s software loopholes and vulnerabilities, with the firm discovering that at least 55% of Huawei’s devices have “potential backdoors” that could be exploited by hackers or even the Chinese Government.
The Huawei-backed Huawei Cyber Security Evaluation Centre (HCSEC) has continued to assert that Huawei has known software vulnerabilities it has failed to patch up over at least the last year.
Just this week, Huawei CEO Ren Zhengfei says that consumer privacy is important to Huawei, that it patterns itself after Apple when it comes to protecting its users. But if that is so, why would all these overwriting vulnerabilities exist in Huawei’s software? Why allow at least half of your devices to have potential backdoors that can be exploited, if you want to see consumer privacy realized with customers?