• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • February 20th, 2019
  • Home
  • About Us
  • Team
  • Advertise
  • Submit News
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Youtube
Home » Security » Malware » Lenovo removes backdoor present in networking switches since 2004

Lenovo removes backdoor present in networking switches since 2004

January 13th, 2018 Waqas Malware, Security 0 comments
Lenovo removes backdoor present in networking switches since 2004
Share on FacebookShare on Twitter

Engineers at Chinese firm Lenovo have identified a backdoor in the networking switched namely Rackswitch and BladeCenter firmware. The company stated that the backdoor, referred to in the company’s security advisory (CVE-2017-3765) as “HP backdoor,” was discovered after carrying out an internal security audit of firmware for all the products featuring in its portfolio after acquisitions of other firms. It was revealed that the backdoor affects the above-mentioned networking switches’ Enterprise Network Operating System (ENOS).

Reportedly, ENOS received the backdoor in 2004, at the time it was maintained by Nortel’s Blade Server Switch Business Unit (BSSBU). Understandably, Lenovo is claiming that Nortel must have authorized the backdoor addition upon request of a “BSSBU OEM customer.” The backdoor code seems to have remained hidden in the firmware after the BSSBU was spun off by Nortel as BLADE Network Technologies (BNT) in 2006 and even after IBM acquired BNT in 2010, while Lenovo bought BNT portfolio from IBM in 2014.

For both the networking switches, Lenovo has released updates and has stated that the company never allows mechanisms that can bypass authentication or authorization or that doesn’t follow product security practices at Lenovo to exist.

“Lenovo has removed this mechanism from the ENOS source code and has released updated firmware for affected products,” explained Lenovo in its security advisory.

Researchers at Lenovo claim that the HP backdoor is difficult to exploit because it requires strict conditions for being implemented given that the backdoor isn’t a hidden account but merely an authentication bypassing method.

A variety of methods are supported by the abovementioned switches including Telnet, SSH, a serial console and a web-based interface. Exploitation of backdoor is possible only when affected switches have different authentication methods and security features turned on or off.

Updates for Lenovo but also IBM switches

The backdoor wasn’t identified in the Cloud Network Operating System (CNOS) hence, switches that run on CNOS are safe. Updates for both new switches that bear the brand name of Lenovo and for older IBM brand switches are available as these still run on ENOS. Lenovo’s security advisory also features a list of switches that have been updated as well as download links to the firmware.

More: Lenovo to Pay $3.5m for Secretly Installing Adware in 750,000 Laptops

Source: Lenovo, H/T: BleepingComputer, Top, featured image via DepositPhotos/BeeBright

  • Tags
  • backdoor
  • hacking
  • HP
  • internet
  • Lenovo
  • Malware
  • Privacy
  • security
  • Technology
  • Vulnerability
Facebook Twitter Google+ LinkedIn Pinterest
Previous article 60 Android apps for kids found infected with Pornographic malware
Next article Cisco's new tool will detect malware in encrypted traffic
Waqas

Waqas

Waqas Amir is a UK-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.

Related Posts
Download Kali Linux 2019.1 with Metasploit 5.0

Download Kali Linux 2019.1 with Metasploit 5.0

Rietspoof malware distributes ransomware via messaging apps

Rietspoof malware distributes ransomware via messaging apps

Torrent uploader CracksNow caught distributing GrandCrab ransomware

Torrent uploader CracksNow caught distributing GrandCrab ransomware

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

LATEST POSTS
Download Kali Linux 2019.1 with Metasploit 5.0
Downloads

Download Kali Linux 2019.1 with Metasploit 5.0

Feb 19th, 2019 157
Rietspoof malware distributes ransomware via messaging apps
Security

Rietspoof malware distributes ransomware via messaging apps

Feb 19th, 2019 220
Most & least radiation emitting smartphones in 2019
Technology News

Most & least radiation emitting smartphones in 2019

Feb 18th, 2019 1144
Torrent uploader CracksNow caught distributing GrandCrab ransomware
Cyber Crime

Torrent uploader CracksNow caught distributing GrandCrab ransomware

Feb 18th, 2019 233

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in Milan, Italy.

Follow us