Report Vulnerabilities

Security vulnerability refers to the defect or weakness that may be exploited to breach the system security mechanism in the system design, deployment, operation or management.

Vulnerability reporters can submit potential vulnerabilities to Huawei PSIRT by email. As the vulnerability information is extremely sensitive, we strongly recommend you to use our public PGP key to encrypt the information when you report a potential security vulnerability to Huawei PSIRT（link to the key: key ID 0x7E3C7F69 ; fingerprint: DC9D 0676 B289 30A1 D12C 765A 6461 9D10 7E3C 7F69). Please direct these emails to [email protected]. It is important to include at least the following information in the email:

• Organization and contact name
• Your Reference
• Products or solutions and versions affected
• Description of the potential vulnerability
• Supporting technical details (such as system configuration, traces, description of exploit/attack code, sample packet capture, proof of concept, steps to reproduce the issue)
• Information about known exploits
• Disclosure plans, if any