Description
Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
Published: 2026-06-09
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a permission‑control flaw in the call handling logic of Huawei’s EMUI user interface and HarmonyOS operating system. Because the flaw allows access to call functions without proper authorization, an attacker who can influence call initiation may cause the system to become unavailable. The description explicitly states that successful exploitation may affect availability, indicating that the primary consequence is denial of service rather than compromise of confidentiality or integrity.

Affected Systems

Affected systems include Huawei products running the EMUI interface and HarmonyOS operating system. Version details are not specified in the advisory, so the flaw may apply to multiple revisions of both platforms.

Risk and Exploitability

The severity of the flaw is moderate, reflected in a CVSS score of 5.9. EPSS data is missing and the vulnerability is not currently listed in CISA’s KEV catalog, suggesting no widespread public exploitation. Based on the description, the likely attack vector is local or requires the ability to craft malicious call requests, and its exploitation could result in device unavailability. While the lack of a documented exploit and moderate CVSS indicate a limited threat, administrators should remain vigilant until a vendor patch is released.

Generated by OpenCVE AI on June 9, 2026 at 09:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the Huawei consumer bulletin for any available firmware or software updates that address the call‑handling permission flaw.
  • Apply the update or patch to EMUI or HarmonyOS as soon as it becomes available.
  • Monitor Huawei’s security releases for new advisories or additional mitigations.

Generated by OpenCVE AI on June 9, 2026 at 09:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 09:45:00 +0000

Type Values Removed Values Added
Title Permission Control Vulnerability in Huawei EMUI and HarmonyOS Call Handling

Tue, 09 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Huawei
Huawei emui
Huawei harmonyos
Vendors & Products Huawei
Huawei emui
Huawei harmonyos

Tue, 09 Jun 2026 07:45:00 +0000

Type Values Removed Values Added
Description Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.
Weaknesses CWE-840
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

Subscriptions

Huawei Emui Harmonyos
cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2026-06-09T13:03:36.034Z

Reserved: 2026-04-23T01:42:44.929Z

Link: CVE-2026-41973

cve-icon Vulnrichment

Updated: 2026-06-09T13:03:31.549Z

cve-icon NVD

Status : Deferred

Published: 2026-06-09T08:16:27.580

Modified: 2026-06-09T13:34:58.997

Link: CVE-2026-41973

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T09:30:36Z

Weaknesses