PatchSiren cyber security CVE debrief
CVE-2026-41977 Huawei CVE debrief
CVE-2026-41977 is a Denial of Service (DoS) vulnerability in the log service. The vulnerability has a CVSS score of 5 and a severity of MEDIUM. According to the CVE record [cve-org], the vulnerability was published on 2026-06-09T08:16:27.927Z and last modified on 2026-06-09T13:34:58.997Z. The vendor is listed as Unknown Vendor [nvd], with potential evidence pointing to Huawei [source-item]. The vulnerability is described as affecting availability if successfully exploited.
- Vendor
- Huawei
- Product
- HarmonyOS
- CVSS
- MEDIUM 5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Administrators and security teams should be aware of this vulnerability, especially if they use products or services related to the log service. Although the vendor is listed as Unknown Vendor, there is evidence suggesting a potential link to Huawei [ref-4] [ref-5].
Technical summary
The CVE-2026-41977 vulnerability is a DoS vulnerability in the log service. It has a CVSS vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L [source-item]. The weakness is classified under CWE-190 [source-item].
Defensive priority
MEDIUM
Recommended defensive actions
- Review and apply patches or updates from the vendor, if available [ref-4] [ref-5].
- Monitor the log service for potential exploitation attempts.
- Implement general security measures to protect against DoS attacks.
Evidence notes
The vendor is currently listed as Unknown Vendor, but there is evidence suggesting a potential link to Huawei. Further review is needed to confirm the vendor and affected products.
Official resources
CVE-2026-41977 was published on 2026-06-09T08:16:27.927Z and last modified on 2026-06-09T13:34:58.997Z.