FKIE_CVE-2026-20419

Vulnerability from fkie_nvd - Published: 2026-02-02 09:15 - Updated: 2026-02-05 17:16
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.
References
security@mediatek.comhttps://corp.mediatek.com/product-security-bulletin/February-2026Vendor Advisory
Impacted products
Vendor Product Version
mediatek nbiot_sdk *
mediatek software_development_kit *
mediatek mt6890 -
mediatek mt6989tb -
mediatek mt7902 -
mediatek mt7915 -
mediatek mt7916 -
mediatek mt7920 -
mediatek mt7921 -
mediatek mt7922 -
mediatek mt7925 -
mediatek mt7927 -
mediatek mt7981 -
mediatek mt7986 -
mediatek mt8196 -
mediatek mt8668 -
mediatek mt8676 -
mediatek mt8678 -
mediatek mt8775 -
mediatek mt8791t -
mediatek mt8792 -
mediatek mt8793 -
mediatek mt8796 -
mediatek mt8873 -
mediatek mt8883 -
mediatek mt8893 -
mediatek mt8910 -
openwrt openwrt 19.07.0
openwrt openwrt 21.02.0
mediatek mt6890 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mediatek:nbiot_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4926CFD0-C88C-4A5A-8396-A719C52818B1",
              "versionEndIncluding": "3.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD86CC1-BD46-42D2-9112-190CCAC96B30",
              "versionEndIncluding": "7.6.7.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt6989tb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8824BD65-5AB4-4D5F-94C3-3CEA09D0A497",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "140DAC08-96E9-47D3-BC2E-65E999DCFD50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2A6813-7138-441E-A9E4-FF62FCBD797A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27CFC9DF-2F4C-469A-8A19-A260B1134CFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05525018-AFE0-415C-A71C-A77922C7D637",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0C4D80-28BC-4C4D-B522-AD9EC5222A2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2589C222-3D62-4BDB-98F2-5F1E38600D8D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE302F6F-170E-4350-A8F4-65BE0C50CB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE5FB550-7264-4879-BAF9-6798949113AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBD3487-F8CE-406C-8BD7-DD57FF8CD60B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6DD525F-7050-42BD-829D-1121698B8009",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23DD8281-FEB4-4E23-8DDA-680FF895F12E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCFAADB1-C2B2-47A6-BB66-761B964E7DFB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C81BC81-1358-4005-8D35-92428D052A65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 /  WCNCR00463309; Issue ID: MSV-4852."
    },
    {
      "lang": "es",
      "value": "En el firmware de AP/STA de WLAN, existe una posible falta de respuesta del sistema debido a una excepci\u00f3n no capturada. Esto podr\u00eda llevar a una denegaci\u00f3n de servicio remota (proximal/adyacente) sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: WCNCR00461663 / WCNCR00463309; ID de problema: MSV-4852."
    }
  ],
  "id": "CVE-2026-20419",
  "lastModified": "2026-02-05T17:16:13.460",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-02T09:15:56.990",
  "references": [
    {
      "source": "security@mediatek.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://corp.mediatek.com/product-security-bulletin/February-2026"
    }
  ],
  "sourceIdentifier": "security@mediatek.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "security@mediatek.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.