PatchSiren cyber security CVE debrief
CVE-2026-41973 Huawei CVE debrief
CVE-2026-41973 is a permission control vulnerability in calls with a CVSS score of 5.9 and a severity of MEDIUM. The vulnerability was published on 2026-06-09T08:16:27.580Z and last modified on 2026-06-09T13:34:58.997Z. The impact of successful exploitation is limited to availability. The vendor is currently listed as Unknown Vendor, but evidence suggests a potential link to Huawei [resourceLinkAnnotations:ref-4].
- Vendor
- Huawei
- Product
- HarmonyOS
- CVSS
- MEDIUM 5.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Security teams and administrators responsible for systems or products from the affected vendor should be aware of this vulnerability and take necessary actions to mitigate potential risks.
Technical summary
The vulnerability is described as a permission control issue in calls, which could potentially allow attackers to impact the availability of the affected system or product. The CVSS vector for this vulnerability is CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L [resourceLinkAnnotations:nvd].
Defensive priority
MEDIUM
Recommended defensive actions
- Review and apply available patches or updates from the vendor [resourceLinkAnnotations:ref-4].
- Monitor system logs and network activity for potential exploitation attempts.
- Implement additional security controls, such as access restrictions and authentication mechanisms, to reduce the attack surface.
Evidence notes
The vendor is currently listed as Unknown Vendor, but there is evidence suggesting a potential link to Huawei [resourceLinkAnnotations:ref-4].
Official resources
-
CVE-2026-41973 CVE record
CVE.org
-
CVE-2026-41973 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-41973 was published on 2026-06-09T08:16:27.580Z and last modified on 2026-06-09T13:34:58.997Z.