Vulnerability Description
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mediatek | Nbiot Sdk | <= 3.6 |
| Mediatek | Software Development Kit | <= 7.6.7.2 |
| Mediatek | Mt6890 | - |
| Mediatek | Mt6989Tb | - |
| Mediatek | Mt7902 | - |
| Mediatek | Mt7915 | - |
| Mediatek | Mt7916 | - |
| Mediatek | Mt7920 | - |
| Mediatek | Mt7921 | - |
| Mediatek | Mt7922 | - |
| Mediatek | Mt7925 | - |
| Mediatek | Mt7927 | - |
| Mediatek | Mt7981 | - |
| Mediatek | Mt7986 | - |
| Mediatek | Mt8196 | - |
| Mediatek | Mt8668 | - |
| Mediatek | Mt8676 | - |
| Mediatek | Mt8678 | - |
| Mediatek | Mt8775 | - |
| Mediatek | Mt8791T | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-20419?
CVE-2026-20419 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution pri...
How severe is CVE-2026-20419?
CVE-2026-20419 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-20419?
Check the references section above for vendor advisories and patch information. Affected products include: Mediatek Nbiot Sdk, Mediatek Software Development Kit, Mediatek Mt6890, Mediatek Mt6989Tb, Mediatek Mt7902.