CVE-2026-20419

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-20419

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

I

n wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/February-2026 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:mediatek:nbiot_sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989tb:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
History

05 Feb 2026, 17:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5 		v2 : unknown
v3 : 6.5
Summary
  • (es) En el firmware de AP/STA de WLAN, existe una posible falta de respuesta del sistema debido a una excepción no capturada. Esto podría llevar a una denegación de servicio remota (proximal/adyacente) sin necesidad de privilegios de ejecución adicionales. No se necesita interacción del usuario para la explotación. ID de parche: WCNCR00461663 / WCNCR00463309; ID de problema: MSV-4852.

03 Feb 2026, 21:27

Type Values Removed Values Added
References () https://corp.mediatek.com/product-security-bulletin/February-2026 - () https://corp.mediatek.com/product-security-bulletin/February-2026 - Vendor Advisory
CPE cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*
cpe:2.3:a:mediatek:nbiot_sdk:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989tb:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
First Time Mediatek mt8676
Mediatek mt6989tb
Mediatek mt7925
Mediatek mt7915
Mediatek mt8893
Mediatek nbiot Sdk
Mediatek mt8791t
Mediatek mt7916
Mediatek mt7922
Mediatek mt7902
Mediatek mt8792
Mediatek mt8793
Mediatek mt8796
Mediatek mt6890
Mediatek mt8668
Mediatek mt7920
Openwrt openwrt
Mediatek mt7986
Mediatek mt8883
Mediatek mt8196
Mediatek mt7921
Mediatek
Mediatek mt8873
Mediatek mt8910
Mediatek mt7927
Mediatek software Development Kit
Mediatek mt8678
Openwrt
Mediatek mt8775
Mediatek mt7981

02 Feb 2026, 14:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5

02 Feb 2026, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-02 09:15

Updated : 2026-02-05 17:16

NVD link : CVE-2026-20419

Mitre link : CVE-2026-20419

CVE.ORG link : CVE-2026-20419

JSON object : View

Products Affected

mediatek

openwrt

CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions