CVE-2026-20419

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-20419
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/February-2026 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:mediatek:nbiot_sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989tb:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
History

05 Feb 2026, 17:16

Type Values Removed Values Added
Summary
  • (es) En el firmware de AP/STA de WLAN, existe una posible falta de respuesta del sistema debido a una excepción no capturada. Esto podría llevar a una denegación de servicio remota (proximal/adyacente) sin necesidad de privilegios de ejecución adicionales. No se necesita interacción del usuario para la explotación. ID de parche: WCNCR00461663 / WCNCR00463309; ID de problema: MSV-4852.
CVSS v2 : unknown
v3 : 7.5 		v2 : unknown
v3 : 6.5

03 Feb 2026, 21:27

Type Values Removed Values Added
First Time Mediatek software Development Kit
Mediatek mt8893
Mediatek nbiot Sdk
Mediatek mt8910
Openwrt
Mediatek mt8668
Mediatek mt8775
Mediatek mt7922
Mediatek mt7925
Mediatek mt7927
Mediatek mt7916
Mediatek mt7920
Mediatek mt8196
Mediatek mt8793
Mediatek mt8791t
Mediatek mt8796
Mediatek mt8676
Mediatek mt8678
Mediatek mt8792
Mediatek mt7981
Mediatek mt7902
Mediatek mt8873
Openwrt openwrt
Mediatek mt6890
Mediatek mt8883
Mediatek mt6989tb
Mediatek mt7986
Mediatek mt7915
Mediatek
Mediatek mt7921
References () https://corp.mediatek.com/product-security-bulletin/February-2026 - () https://corp.mediatek.com/product-security-bulletin/February-2026 - Vendor Advisory
CPE cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:a:mediatek:nbiot_sdk:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989tb:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*
cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*

02 Feb 2026, 14:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5

02 Feb 2026, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-02 09:15

Updated : 2026-02-05 17:16

NVD link : CVE-2026-20419

Mitre link : CVE-2026-20419

CVE.ORG link : CVE-2026-20419

JSON object : View

Products Affected

mediatek

  • mt8678
  • mt7921
  • mt8883
  • mt7916
  • mt7902
  • mt8676
  • mt7922
  • mt8893
  • nbiot_sdk
  • mt7927
  • mt8792
  • software_development_kit
  • mt8796
  • mt8791t
  • mt7981
  • mt8775
  • mt7925
  • mt6989tb
  • mt8873
  • mt6890
  • mt7920
  • mt8793
  • mt7986
  • mt8196
  • mt7915
  • mt8910
  • mt8668

openwrt

  • openwrt
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions