This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Security Notice - Statement on the Media Disclosure of the Security Vulnerabilities in the Intel CPU Architecture Design

  • Initial Release Date: Jan 04, 2018
  • Last Release Date: Aug 06, 2018

Huawei noticed that media had released information about the security vulnerabilities in the Intel CPU architecture on January 2, 2018. These vulnerabilities allow attackers to obtain kernel memory data through side-channel attacks. On January 3, 2018, Google project Zero disclosed the detailed information of "Meltdown" and "Spectre". Huawei immediately started analysis and investigation and communicated with related CPU and operating system suppliers.

The customers can deploy Huawei NGFWs (Next Generation Firewall) or data center firewalls, and upgrade the IPS signature database to the latest version IPS_H20011000_2018010800 released on January 8, 2018 to detect and defend against this vulnerability exploits initiated from the Internet.

Huawei has delivered Security Advisory (SA) for these vulnerabilities. The link of the SA is: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180106-01-cpu-en. The investigation is still ongoing. Huawei PSIRT will keep updating the SN, Please stay tuned.

Customers should contact Huawei TAC (Huawei Technical Assistance Center) to get necessary support for product security vulnerabilities. For TAC contact information, please refer to Huawei worldwide website at: http://www.huawei.com/en/psirt/report-vulnerabilities.

Carrier customers can log into Huawei Support website to obtain information about the impact: http://support.huawei.com/carrier/docview!docview?nid=NEWS2100007595&path=PBI1-8132379

Affected Products:

1288H V5

CH220

RH1288 V2

2288H V5

CH220 V3

RH1288 V3

2488 V5 

CH221

RH1288A V2

2488H V5 

CH222

RH2265 V2

5288 V3

CH222 V3

RH2268 V2

AR100

CH225 V3

RH2285 V2

AR100-S

CH226 V3

RH2285H V2

AR110-S

CH240

RH2288 V2

AR120

CH242 V3

RH2288 V3

AR120-S

DH320 V2

RH2288A V2

AR1220C

DH321 V2

RH2288E V2

AR1500

DH626 V2

RH2288H V2

AR151-S2

DH628 V2

RH2288H V3

AR160 (Exclude AR160F)

eAPP610

RH2485 V2

AR160-S (Exclude AR160F-S)

eSpace 8950

RH5885 V2

AR2204-XGE

eSpace ECS

RH5885 V3

AR3600

eSpace UMS

RH5885H V3

AR500

eSpace USM

RH8100 V3

AR510

EulerOS

RSE6500

AR532

FusionCloud

SMC2.0

AR550C

FusionCompute

SRG1320E

AR550E

FusionCube

SRG550C

BH622 V2

FusionSphere

UC Audio Recorder

BH640 V2

iManager NetEco 6000

VP9630

CH121

Kunlun 9008

VP9660

CH121 V3

Kunlun 9016

XH320 V2

CH121 V5 

Kunlun 9032

XH321 V2

CH121H V3

MateBook (HZ-W09/ HZ-W19/ HZ-W29)

XH321 V3

CH121L V3

MateBook B200/ MateBook D (PL-W09/ PL-W19/ PL-W29)

XH620 V3

CH121L V5 

MateBook D (MRC-W10/ MRC-W50/ MRC-W60)

XH621 V2

CH140

MateBook E (BL-W09/ BL-W19)

XH622 V3

CH140 V3

MateBook X (WT-W09/ WT-W19)

XH628 V3

CH140L V3

NFVI


Products Confirmed Not Vulnerable:

AC6605

eSpace U1980

OceanStor S5600T

AD9430DN-12-FAT

eSpace U1981

OceanStor S5800T

AD9430DN-24-FAT

FusionAccess

OceanStor S5900

AP2050DN

FusionManager

OceanStor S6800T

AP2050DN-E

iManager U2100

OceanStor S6900

AP2050DN-S

IPC6112-D

OceanStor SNS2120

AP4030TN

IPC6122-D

OceanStor SNS2124

AP4050DN-E

IPC6122-P

OceanStor SNS2224

AP4050DN-HD

IPC6232-IR

OceanStor SNS2248

AP430-E

IPC6611-Z30-I

OceanStor SNS2624

AP5030DN-C

IPC6621-Z30-I

OceanStor SNS3096

AP6010DN-AGN

IPE

OceanStor SNS3664

AP6050DN

MicroDC

OceanStor SNS5120

AP6150DN

NetCOL

OceanStor SNS5192

AP7050DE

NetEngine16EX

OceanStor SNS5384

AP7050DN-E

NIP5000I

OceanStor SNS5604

AP8130DN-W

OceanStor 18500

OceanStor SNS5608

AP9131DN

OceanStor 18500 V5

OceanStor Toolkit

AR1200

OceanStor 18500F V3

OceanStor UltraPath

AR1200-S

OceanStor 18500F V5

OceanStor VIS6300

AR150

OceanStor 18800

OceanStor VIS6600

AR150-S

OceanStor 18800 V3

OceanStor VIS6600T

AR160F

OceanStor 18800 V5

OceanStor VTL Solution

AR160F-S

OceanStor 18800F

OceanStor VTL6900

AR200

OceanStor 18800F V3

OptiX RTN 620

AR200-S

OceanStor 18800F V5

R250D-E

AR2200

OceanStor 2200 V3

RP200

AR2200-S

OceanStor 2600 V3

S12700

AR2500

OceanStor 2600F V3

S5700

AR28-11

OceanStor 2800 V3

S7700

AR29-21

OceanStor 2800 V5

S9700

AR3200

OceanStor 5100 V3

Seco VSM

AR3200-S

OceanStor 5300 V3

Secospace AntiDDoS1500-D

AR46-40

OceanStor 5300 V5

Secospace AntiDDoS1520

AR46-80

OceanStor 5300F V5

Secospace AntiDDoS1550

AR49-45

OceanStor 5500 V3

Secospace AntiDDoS8000

AR530

OceanStor 5500 V5

Secospace AntiDDoS8030

AR550

OceanStor 5500F V3

Secospace AntiDDoS8080

AR-DCP

OceanStor 5500F V5

Secospace AntiDDoS8160

ASG2050

OceanStor 5600 V3

Secospace USG6600

ASG2100

OceanStor 5600 V5

SeMG9811

ASG2150

OceanStor 5600F V3

SMSC

ASG2200

OceanStor 5600F V5

SMSGW

ASG2600

OceanStor 5800 V3

SoftCo

ASG2800

OceanStor 5800 V5

SRG2300

CloudEngine 12800

OceanStor 5800F V3

SRG3300

CloudEngine 5800

OceanStor 5800F V5

TE Desktop

CloudEngine 6800

OceanStor 6800 V3

TE Mobile

CSB

OceanStor 6800 V5

TE30

DP300

OceanStor 6800F V3

TE30-V

DSM

OceanStor 6800F V5

TE40

E6000

OceanStor 6900 V3

TE50

E6000 Chassis

OceanStor 9000

TE60

EG860-D61

OceanStor 9000S

TP3106

ES3000

OceanStor Backup Software

UAP3300

eSpace 7800 Series

OceanStor BCManager

UMA

eSpace 7910

OceanStor DJ

UPS2000

eSpace 7950

OceanStor Dorado2100 G2

USG9500

eSpace IAD

OceanStor Dorado5000 V3

USG9520

eSpace Mobile

OceanStor Dorado5100

USG9560

eSpace NVR6008

OceanStor Dorado6000 V3

USG9580

eSpace NVR6008-1U

OceanStor HDP3500E

VC Integration Module

eSpace NVR6016

OceanStor N8500

ViewPoint 8660

eSpace NVR6032

OceanStor Onebox

ViewPoint GK

eSpace POM

OceanStor ReplicationDirector

ViewPoint MM

eSpace SBC

OceanStor S2200T

ViewPoint RM

eSpace U1910

OceanStor S2600T

VPC620

eSpace U1911

OceanStor S2900

VPC800

eSpace U1930

OceanStor S3900

X6000

eSpace U1960

OceanStor S5500T

X8000


2018-08-06 V2.2 Updated Update the list of the affected and not affected products
2018-04-09 V2.1 Updated Update the list of the affected and not affected products
2018-02-27 V2.0 Updated Update the security notice description information
2018-02-24 V1.9 Updated Update the list of the affected and not affected products
2018-02-11 V1.8 Updated Update the list of the affected and not affected products
2018-01-26 V1.7 Updated Update the list of the affected and not affected products
2018-01-25 V1.6 Updated Update the list of the not affected products
2018-01-18 V1.5 Updated Added the list of the affected products
2018-01-12 V1.4 Updated Added the list of the affected products
2018-01-11 V1.3 Updated Added the list of the affected products
2018-01-09 V1.2 Updated Added the list of the affected products
2018-01-06 V1.1 Updated Added the list of the affected products and SA link
2018-01-04 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.