This page originally referred to a technical section of security advisory ADV-2025-002-B. At the explicit request of Huawei PSIRT (Product Security Incident Response Team), the detailed findings for this portion of the advisory will not be published.

For clarification: the reported issue did not involve a vulnerability in any Huawei product or service. The matter was related to the configuration of one of Huawei Cloud’s individual customer tenants, not a weakness in Huawei’s infrastructure or platform.

Huawei PSIRT has confirmed to SecureLeaf that the reported configuration issue has been fully remediated on the affected tenant. Out of respect for the coordinated disclosure process, and in line with responsible security research practice, we are honoring their request to keep the deep technical details of this particular finding confidential.

No additional customer action is required at this time beyond keeping systems and applications updated in accordance with Huawei’s official security guidance.

SecureLeaf remains committed to transparent, responsible vulnerability disclosure. Where possible we will continue to publish full advisory details, proof-of-concepts, and timelines. In rare cases such as this, certain sections may be withheld when a vendor formally requests it and the underlying risk has been addressed.