Security reports have alleged that the Chinese telecommunications company Huawei has been recruiting high-level operatives linked to China’s military and intelligence agencies, the express.co.uk reported.
According to Professor Christopher Balding, who conducted the research, around 100 Huawei’s employees had connections with the Chinese military and state-sponsored hacking operations. The professor described the employees as representatives of the Ministry of State Security (MSS) at Huawei. He also claimed that they’ve worked on “building lawful interception capability into Huawei equipment”.
“Huawei’s co-founder Ren Zhengfei held a senior position within China’s People’s Liberation Army (PLA) before starting the company,” Balding said in a media statement.
Recently, security researchers from cybersecurity firm Swascan revealed that they have discovered multiple vulnerabilities in Huawei’s Web Application and Servers. Swascan stated cybercriminals can exploit the critical vulnerabilities to access sensitive information. The research team said they’ve identified three vulnerabilities that could impact regular operations if exploited.
According to Swascan, the three discovered flaws in Huawei’s web applications include: CWE-119 (Improper Restriction on Memory Buffer) — The hacker can access the memory and can possibly execute malicious codes. CWE-125 (Out-of-bounds Read) — This flaw allows an attacker to read sensitive information. CWE-78 (OS Command Injection) — The attackers can use this flaw to execute unauthorized commands to crash the software and access the restricted data.