MT2737%2C%20MT6739%2C%20MT6761%2C%20MT6765%2C%20MT6768%2C%20MT6781%2C%20MT6789%2C%20MT6813%2C%20MT6833%2C%20MT6853%2C%20MT6855%2C%20MT6877%2C%20MT6878%2C%20MT6879%2C%20MT6880%2C%20MT6885%2C%20MT6886%2C%20MT6890%2C%20MT6893%2C%20MT6895%2C%20MT6897%2C%20MT6983%2C%20MT6985%2C%20MT6989%2C%20MT6990%2C%20MT6993%2C%20MT8169%2C%20MT8186%2C%20MT8188%2C%20MT8370%2C%20MT8390%2C%20MT8676%2C%20MT8678%2C%20MT8696%2C%20MT8793

MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6813, MT6833, MT6853, MT6855, MT6877, MT6878, MT6879, MT6880, MT6885, MT6886, MT6890, MT6893, MT6895, MT6897, MT6983, MT6985, MT6989, MT6990, MT6993, MT8169, MT8186, MT8188, MT8370, MT8390, MT8676, MT8678, MT8696, MT8793

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2026-20435

Assigner-MediaTek, Inc.

View Details

Assigner-MediaTek, Inc.

CVSS Score-4.6||MEDIUM

EPSS-0.02% / 5.46%

7 Day CHG~0.00%

Published-02 Mar, 2026 | 08:39

Updated-03 Mar, 2026 | 12:52

In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS10607099; Issue ID: MSV-6118.

Vendor-rdkcentral OpenWrt The Linux Foundation Zephyr Project MediaTek Inc.Google LLC

CWE ID-CWE-522

Insufficiently Protected Credentials