Cisco abuses Huawei’s code to develop products?

Recently, Huawei announced 19 security announcements, 18 of which involve high-risk vulnerabilities. The remaining announcement is a low-level vulnerability involving 250, 350, 350X and 550X series switches. This small problem is not serious.

From this flaw, it was discovered that Cisco – an American technology giant – used certificates and product development keys of Chinese competitors (Huawei). Specifically, Cisco developers used open source code packages from Futurewei (a subsidiary of Huawei) during product testing. However, the US company forgot to delete the relevant components after testing.

Marion Florian Lukavsky, CEO of SEC Technologies, told ZDNet: "We found Huawei certifications in the firmware. Because this can cause political controversy, we ask permission not to comment further. This is the certificate to end the firmware. They are used in testing by Cisco developers and they simply forgot to delete the certificate before releasing it for devices. ”

Cisco said that the certificate and key files they use are part of the OpenDaylight open source package. Their purpose is to test software functionality with OpenDaylight routines. Cisco claims they do not use this code for any feature on their products. You can learn more about Cisco explanation notice here.

Reference: Gizchina