This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our private policy>

Security Notice - Statement about the OpenSSL DROWN Vulnerability

  • Initial Release Date: 2016-03-02
  • Last Release Date: 2016-03-30

Huawei noticed that a DROWN (Decrypting RSA with Obsolete and Weakened eNcryption, CVE-2016-0800) vulnerability was disclosed by OpenSSL on March 1st, 2016. Huawei immediately launched a thorough investigation.

Huawei has delivered Security Advisory. Customers can get necessary support for product security vulnerabilities through Huawei local technical service. The link of the security advisory is:

 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-openssl-en

2016-03-30 V1.1 FINAL added SA link
2016-03-02 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism. Please report to Huawei PSIRT at psirt@huawei.com if you find any security vulnerability of Huawei products.