Risks to UK telecoms infrastructure

In July 2025, Luxembourg’s entire telecoms network was disrupted for more than three hours. Recent reporting suggests the outage was caused by a previously unknown flaw in Huawei routers, with threat actors using specially crafted network traffic to crash and disrupt the devices responsible for managing internet traffic. 10 months after the incident, Huawei has still not issued a public alert, confirmed a software patch or CVE identifier, the standard reference used to catalogue publicly disclosed cyber vulnerabilities.

While the UK has restricted Huawei from its new 5G network, older Huawei routing equipment remains in use across parts of UK telecoms infrastructure. Without any security fix, UK network operators using the same hardware may not be protected, leading to potential disruptions of mobile networks, business connectivity, and critical emergency communications.