Backdoor Found In Lenovo Network Switches

in #security8 years ago

Chinese Lenovo detected backdoor in the firmware of the Rackswitch and BladeCenter network routers when reviewing their device code.

lenovo2.png
kaleidoscope source

Lenovo bought several companies in the past years and inherited their code along with products. They found that the Enterprise Network Operating System (ENOS), running on routers, had built-in backdoor since 2004. Other routers powered by the CNOS (Cloud Network Operating System) are, according to Lenovo, secure.

The specific code was then maintained by Nortel. Lenovo concludes that the backdoor of the Nortel BSSBU (Blade Server Switch Business Unit) is embedded on the desire of one of the OEM customers. Later, in 2006, BSSBU became Blade Network Technologies (BNT), which was then purchased by IBM in 2010.

lenovo-logo.jpgimage source

Lenovo redeemed IBM portfolio in 2014, and all that time the backdoor remained in the code. Lenovo has now repaired and removed the backdoor. They also ensure that the backdoor is not a hidden login account, but a way to bypass authentication, which is activated in very specific circumstances. Regardless of the rarity of the trigger, Lenovo recommends an upgrade.

More security news:
Skype And Signal
Intel Screwed Again
Attack By Screaming
Loapi Malware
Serious Security Hole In MacOS
Critical vulnerabilities in Intel processors
Imgur Hacked
Did you know that you have more than one operating system on your computer?
Android Oreo Bug
Encryption History
Encryption Technology
The Internet Of Ransomware Things
Who is Spying on You? And How to Stop Them?

Enjoy the rest of the day!
logosecko.gif
@seckorama

Sort:  

You got a 3.70% upvote from @upyou thanks to @seckorama!

Coin Marketplace

STEEM 0.04
TRX 0.33
JST 0.099
BTC 63259.71
ETH 1746.78
USDT 1.00
SBD 0.39