CVE-2026-20419

MEDIUM

Wlan AP/STA firmware - DoS

Title source: llm

Description

In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.

References (1)

[Vendor Advisory] https://corp.mediatek.com/product-security-bulletin/February-2026

Scores

CVSS v3 6.5

EPSS 0.0001

EPSS Percentile 2.6%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-754

Status published

Products (50)

mediatek/nbiot_sdk < 3.6

mediatek/software_development_kit < 7.6.7.2

MediaTek, Inc./MediaTek chipset MT6890

MediaTek, Inc./MediaTek chipset MT6989TB

MediaTek, Inc./MediaTek chipset MT7902

MediaTek, Inc./MediaTek chipset MT7915

MediaTek, Inc./MediaTek chipset MT7916

MediaTek, Inc./MediaTek chipset MT7920

MediaTek, Inc./MediaTek chipset MT7921

MediaTek, Inc./MediaTek chipset MT7922

... and 40 more

Published Feb 02, 2026

Tracked Since Feb 18, 2026