Description
DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.
Published: 2026-06-09
Score: 5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A faulty integer operation in the log service allows an attacker to trigger a Denial of Service by sending crafted input that overflows an internal counter. The flaw is identified as CWE‑190, indicating an integer overflow weakness. The impact is loss of availability for the affected device or operating system, since the log service can be stopped or destabilized. The vulnerability affects Huawei EMUI and Huawei HarmonyOS systems. No specific version ranges are provided, so any installation of these operating systems that includes the vulnerable log service may be at risk. The CVSS score of 5.0 reflects a moderate risk rating. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Because the description does not specify required access or network requirements, the likely attack vector is inferred to be a local or remote request to the log service, potentially achievable by a user with the ability to influence log input or by an application with elevated privileges.

Affected Systems

Huawei EMUI and Huawei HarmonyOS are impacted. No specific version ranges are listed, meaning all installations that contain the vulnerable log service could be at risk.

Risk and Exploitability

The CVSS score of 5.0 indicates moderate severity. EPSS is unavailable and the vulnerability is not listed in CISA KEV. The description lacks explicit attack vector details; we infer that an attacker can trigger the overflow by supplying crafted input to the log service, which could be performed locally or remotely if the service is exposed, especially by users or applications that can influence log content.

Generated by OpenCVE AI on June 9, 2026 at 08:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Huawei for any patch or update that addresses the log service integer overflow.
  • Limit log service exposure by restricting access to trusted components only.
  • Disable or secure the logging feature if it is not essential for system operation.

Generated by OpenCVE AI on June 9, 2026 at 08:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Title Denial of Service via Integer Overflow in Huawei Log Service

Tue, 09 Jun 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Huawei
Huawei emui
Huawei harmonyos
Vendors & Products Huawei
Huawei emui
Huawei harmonyos

Tue, 09 Jun 2026 07:45:00 +0000

Type Values Removed Values Added
Description DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.
Weaknesses CWE-190
References
Metrics cvssV3_1

{'score': 5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L'}

Subscriptions

Huawei Emui Harmonyos
cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2026-06-09T12:59:21.495Z

Reserved: 2026-04-23T01:42:44.929Z

Link: CVE-2026-41977

cve-icon Vulnrichment

Updated: 2026-06-09T12:59:17.019Z

cve-icon NVD

Status : Deferred

Published: 2026-06-09T08:16:27.927

Modified: 2026-06-09T13:34:58.997

Link: CVE-2026-41977

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T09:00:08Z

Weaknesses