● Medium · CVSS 4.6

How to Fix CVE-2026-20435: MediaTek chipset (Bundle Sibling)

By Sai Kiran Pandrala. Last verified: 2026-05-25.

CVE-2026-20435 is a sibling vulnerability in the same vendor advisory as CVE-2026-20416. Apply the same patched build and you close both. The technical detail below is what differs.

⚡ At a glance


Severity	4.6 (Medium)
Actively exploited?	No public listing in CISA KEV
Affected	MediaTek chipset MT2737; MediaTek chipset MT6739; MediaTek chipset MT6761; MediaTek chipset MT6765; MediaTek chipset MT6768; MediaTek chipset MT6781; MediaTek chipset MT6789; MediaTek chipset MT6813; MediaTek chipset MT6833; MediaTek chipset MT6853; MediaTek chipset MT6855; MediaTek chipset MT6877; MediaTek chipset MT6878; MediaTek chipset MT6879; MediaTek chipset MT6880; MediaTek chipset MT6885; MediaTek chipset MT6886; MediaTek chipset MT6890; MediaTek chipset MT6893; MediaTek chipset MT6895; MediaTek chipset MT6897; MediaTek chipset MT6983; MediaTek chipset MT6985; MediaTek chipset MT6989; MediaTek chipset MT6990; MediaTek chipset MT6993; MediaTek chipset MT8169; MediaTek chipset MT8186; MediaTek chipset MT8188; MediaTek chipset MT8370; MediaTek chipset MT8390; MediaTek chipset MT8676; MediaTek chipset MT8678; MediaTek chipset MT8696; MediaTek chipset MT8793
Fixed in	Same patched build as CVE-2026-20416
Type (CWE)	CWE-522 Insufficiently Protected Credentials

What's different about CVE-2026-20435?

In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS10607099; Issue ID: MSV-6118.

How to fix CVE-2026-20435

Apply the patched build per the primary write-up: How to Fix CVE-2026-20416. All commands, verification steps, and rollback notes for MediaTek chipset are listed there.

Frequently asked questions

Does the CVE-2026-20416 patch close CVE-2026-20435?

Yes. Both CVEs are addressed by the same vendor patch. Applying the patched build closes the full bundle.

Is CVE-2026-20435 listed in CISA KEV?

No public KEV listing at the time of this writing.

Where is the official advisory?

See https://corp.mediatek.com/product-security-bulletin/March-2026

References

Official vendor advisory: https://corp.mediatek.com/product-security-bulletin/March-2026
NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-20435
CISA KEV catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Primary: How to Fix CVE-2026-20416

*Written by Sai Kiran Pandrala. Part of the MediaTek chipset bundle. Full procedure at how-to-fix-cve-2026-20416.*