CVE-2026-20418
Published: 02 February 2026
Summary
CVE-2026-20418 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Google Matter. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 19.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses the missing bounds check by requiring validation of information inputs to prevent out-of-bounds writes in the Thread networking component.
Implements memory protection mechanisms such as address space layout randomization and data execution prevention to block exploitation of the out-of-bounds write vulnerability.
Mandates timely flaw remediation including installation of the specific vendor patch WCNCR00465153 to fix the missing bounds check in Thread.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated OOB write in Thread networking component directly enables RCE via public-facing network service exploitation (T1190) and leads to privilege escalation (T1068).
NVD Description
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465153;…
more
Issue ID: MSV-4927.
Deeper analysisAI
CVE-2026-20418 is a high-severity vulnerability in the Thread networking component, stemming from a missing bounds check that enables an out-of-bounds write. This flaw, classified under CWE-787, affects Thread implementations, as detailed in MediaTek's product security resources, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). It carries Patch ID WCNCR00465153 and Issue ID MSV-4927.
A remote attacker requires no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation could result in escalation of privilege, potentially granting unauthorized access to sensitive data (confidentiality), system modification (integrity), and service disruption (availability).
MediaTek's February 2026 Product Security Bulletin at https://corp.mediatek.com/product-security-bulletin/February-2026 provides details on the patch (WCNCR00465153), recommending affected users apply it promptly to mitigate the risk of remote code execution or privilege escalation in Thread-enabled devices.
Details
- CWE(s)