There was an article a few days ago about a software backdoor built by a different company that was unrelated to the actual silicon. Is this the same vulnerability, or is this one actually implemented in silicon?
Same vulnerability. The reason HiSilicon couldn't provide the fix is that they didn't write the firmware running on those devices, Xiongmai did. This information was added as an update to the original writeup.
Same vulnerability. The reason HiSilicon couldn't provide the fix is that they didn't write the firmware running on those devices, Xiongmai did. This information was added as an update to the original writeup.