Europe’s biggest mobile phone operator said on Tuesday that it found “vulnerabilities” in consumer equipment supplied by the Chinese telecoms company to Vodafone Italia between 2009 and 2012.
Vodafone and Huawei both confirmed the vulnerabilities were discovered in the Chinese routers, but denied allegations in a report by Bloomberg that the security lapses amounted to “hidden backdoors” that could be used to spy on millions of people’s internet browsing.
The emergence of the security lapses – which according to Bloomberg were also found in Vodafone’s networks in the UK, Germany, Spain and Portugal – comes as the US tells the UK to ban Huawei from forthcoming 5G networks due to fears the Chinese state could use the technology to spy on western governments.
The US said on Monday that it would review intelligence sharing with the UK if Theresa May did not reverse her decision to allow Huawei’s equipment to be used in the UK’s next-generation mobile network. Robert Strayer, a deputy assistant secretary at the US state department, said the use of the Chinese company’s equipment in any area of the UK’s 5G network was “an unacceptable risk”.
Huawei said in a statement: “The story published by Bloomberg today is misleading. It refers to a maintenance and diagnostic function, common across the industry, as well as vulnerabilities, which were corrected over seven years ago. There is absolutely no truth in the suggestion that Huawei conceals backdoors in its equipment.”
A spokesman for Vodafone said: “The ‘backdoor’ that Bloomberg refers to is telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet. Bloomberg is incorrect in saying that this ‘could have given Huawei unauthorised access to the carrier’s fixed-line network in Italy’.