In an oversight report published yesterday, investigators at the UK Huawei Cyber Security Evaluation Centre (HCSEC) found a significant vulnerability that would have national implications. These issues were so severe that they were withheld from the company. These vulnerabilities are typically design-related failures that would allow certain actors, such as the Chinese government to carry out a cyberattack.
The National Cyber Security Centre (NCSC) has stated that it doesn’t believe these vulnerabilities are a result of Chinese government interference but, instead reported that “poor software engineering and cyber security processes lead to security and quality issues, including vulnerabilities”.