The CN component of the subject field of a certificate is used as the Publisher name in a security dialog. If the CN field is missing, "Unknown" will be displayed, which is not user-friendly. Also there are additional components in the distinguished name that can be used to identify the certificate's subject.
If the CN field is empty, I think we should display the OU field (and maybe the O field as well).
This is likely to become a more common scenario. The CA/Browser Forum has made a recommendation discouraging the use of the CN field in section 9.2.2 of the baseline requirements v1.1.6 and 9.2.3 of the EV Code Signing Guidelines: