{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20419", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2025-11-03T01:30:59.009Z", "datePublished": "2026-02-02T08:16:46.837Z", "dateUpdated": "2026-02-05T16:11:40.807Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2026-02-02T08:16:46.837Z"}, "descriptions": [{"lang": "en", "value": "In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MT6890, MT6989TB, MT7902, MT7915, MT7916, MT7920, MT7921, MT7922, MT7925, MT7927, MT7981, MT7986, MT8196, MT8668, MT8676, MT8678, MT8775, MT8791T, MT8792, MT8793, MT8796, MT8873, MT8883, MT8893, MT8910", "versions": [{"version": "CE/NB SDK release 3.6 and before / SDK release 7.6.7.2 and before / OpenWrt 19.07, 21.02 (MT6890)", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2026"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions"}]}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-02-05T16:11:25.115269Z", "id": "CVE-2026-20419", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-05T16:11:40.807Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-20419", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-05T16:11:25.115269Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-02T13:45:02.991Z"}}], "cna": {"affected": [{"vendor": "MediaTek, Inc.", "product": "MT6890, MT6989TB, MT7902, MT7915, MT7916, MT7920, MT7921, MT7922, MT7925, MT7927, MT7981, MT7986, MT8196, MT8668, MT8676, MT8678, MT8775, MT8791T, MT8792, MT8793, MT8796, MT8873, MT8883, MT8893, MT8910", "versions": [{"status": "affected", "version": "CE/NB SDK release 3.6 and before / SDK release 7.6.7.2 and before / OpenWrt 19.07, 21.02 (MT6890)"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2026"}], "descriptions": [{"lang": "en", "value": "In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions"}]}], "providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2026-02-02T08:16:46.837Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20419", "state": "PUBLISHED", "dateUpdated": "2026-02-05T16:11:40.807Z", "dateReserved": "2025-11-03T01:30:59.009Z", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "datePublished": "2026-02-02T08:16:46.837Z", "assignerShortName": "MediaTek"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mediatek:nbiot_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "4926CFD0-C88C-4A5A-8396-A719C52818B1", "versionEndIncluding": "3.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "0DD86CC1-BD46-42D2-9112-190CCAC96B30", "versionEndIncluding": "7.6.7.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6989tb:-:*:*:*:*:*:*:*", "matchCriteriaId": "8824BD65-5AB4-4D5F-94C3-3CEA09D0A497", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", "matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*", "matchCriteriaId": "140DAC08-96E9-47D3-BC2E-65E999DCFD50", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", "matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA2A6813-7138-441E-A9E4-FF62FCBD797A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*", "matchCriteriaId": "27CFC9DF-2F4C-469A-8A19-A260B1134CFE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*", "matchCriteriaId": "05525018-AFE0-415C-A71C-A77922C7D637", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*", "matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*", "matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*", "matchCriteriaId": "FB0C4D80-28BC-4C4D-B522-AD9EC5222A2E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*", "matchCriteriaId": "2589C222-3D62-4BDB-98F2-5F1E38600D8D", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE302F6F-170E-4350-A8F4-65BE0C50CB78", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", "matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE5FB550-7264-4879-BAF9-6798949113AF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*", "matchCriteriaId": "336FC69E-E89F-4642-B6B9-8009D9A2BD52", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FBD3487-F8CE-406C-8BD7-DD57FF8CD60B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6DD525F-7050-42BD-829D-1121698B8009", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*", "matchCriteriaId": "23DD8281-FEB4-4E23-8DDA-680FF895F12E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*", "matchCriteriaId": "CCFAADB1-C2B2-47A6-BB66-761B964E7DFB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C81BC81-1358-4005-8D35-92428D052A65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A", "vulnerable": true}, {"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852."}, {"lang": "es", "value": "En el firmware de AP/STA de WLAN, existe una posible falta de respuesta del sistema debido a una excepci\u00f3n no capturada. Esto podr\u00eda llevar a una denegaci\u00f3n de servicio remota (proximal/adyacente) sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: WCNCR00461663 / WCNCR00463309; ID de problema: MSV-4852."}], "id": "CVE-2026-20419", "lastModified": "2026-02-05T17:16:13.460", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-02T09:15:56.990", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2026"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "security@mediatek.com", "type": "Secondary"}]}

{}

{"created": "2026-02-04T12:45:08.303224+00:00", "updated": "2026-02-04T12:45:08.303264+00:00", "vendors": ["mediatek", "mediatek$PRODUCT$mt6890", "mediatek$PRODUCT$mt6989tb", "mediatek$PRODUCT$mt7902", "mediatek$PRODUCT$mt7915", "mediatek$PRODUCT$mt7916", "mediatek$PRODUCT$mt7920", "mediatek$PRODUCT$mt7921", "mediatek$PRODUCT$mt7922", "mediatek$PRODUCT$mt7925", "mediatek$PRODUCT$mt7927", "mediatek$PRODUCT$mt7981", "mediatek$PRODUCT$mt7986", "mediatek$PRODUCT$mt8196", "mediatek$PRODUCT$mt8668", "mediatek$PRODUCT$mt8676", "mediatek$PRODUCT$mt8678", "mediatek$PRODUCT$mt8775", "mediatek$PRODUCT$mt8791t", "mediatek$PRODUCT$mt8792", "mediatek$PRODUCT$mt8793", "mediatek$PRODUCT$mt8796", "mediatek$PRODUCT$mt8873", "mediatek$PRODUCT$mt8883", "mediatek$PRODUCT$mt8893", "mediatek$PRODUCT$mt8910"]}