CVE-2026-20435 | MediaTek MT8793 preloader insufficiently protected credentials

A vulnerability classified as problematic was found in MediaTek MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6813, MT6833, MT6853, MT6855, MT6877, MT6878, MT6879, MT6880, MT6885, MT6886, MT6890, MT6893, MT6895, MT6897, MT6983, MT6985, MT6989, MT6990, MT6993, MT8169, MT8186, MT8188, MT8370, MT8390, MT8676, MT8678, MT8696 and MT8793. This affects an unknown function of the component preloader. Executing a manipulation can lead to insufficiently protected credentials.

The identification of this vulnerability is CVE-2026-20435. The attack can only be executed locally. There is no exploit available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-20435 | MediaTek MT8793 preloader insufficiently protected credentials

Post correlati

CVE-2024-5757 | Elementor Header & Footer Builder Plugin up to 1.6.35 on WordPress Site Title Widget cross site scripting

CVE-2024-49790 | IBM Watson Studio on Cloud Pak for Data 4.0/5.0 Web UI cross site scripting

CVE-2025-67886 | Bitrix24 up to 25.100.300 Translate unrestricted upload

CVE-2023-30750 | CreativeMindsSolutions CM Popup Plugin up to 1.5.10 on WordPress sql injection