CVE-2026-20419
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2026-20419, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-02

Last updated on: 2026-02-05

Assigner: MediaTek, Inc.

Description

In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-02
Last Modified
2026-02-05
Generated
2026-07-06
AI Q&A
2026-02-02
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 30 associated CPEs
Vendor Product Version / Range
mediatek nbiot_sdk to 3.6 (inc)
mediatek software_development_kit to 7.6.7.2 (inc)
mediatek mt6890 *
mediatek mt6989tb *
mediatek mt7902 *
mediatek mt7915 *
mediatek mt7916 *
mediatek mt7920 *
mediatek mt7921 *
mediatek mt7922 *
mediatek mt7925 *
mediatek mt7927 *
mediatek mt7981 *
mediatek mt7986 *
mediatek mt8196 *
mediatek mt8668 *
mediatek mt8676 *
mediatek mt8678 *
mediatek mt8775 *
mediatek mt8791t *
mediatek mt8792 *
mediatek mt8793 *
mediatek mt8796 *
mediatek mt8873 *
mediatek mt8883 *
mediatek mt8893 *
mediatek mt8910 *
openwrt openwrt 19.07.0
openwrt openwrt 21.02.0
mediatek mt6890 *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-754 The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in wlan AP/STA firmware where an uncaught exception can cause the system to become unresponsive. It can be exploited remotely by an attacker in close proximity without needing any user interaction or additional execution privileges.

Impact Analysis

The impact of this vulnerability is a denial of service (DoS) condition, where the affected system becomes unresponsive, potentially disrupting network connectivity or device functionality.

Mitigation Strategies

Apply the patches identified as WCNCR00461663 and WCNCR00463309 to the affected wlan AP/STA firmware to mitigate the vulnerability.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20419. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart