CVE-2026-29120
Received Received - Intake
Hardcoded Root Password Hash in IDC SFX2100 Enables Privilege Escalation

Publication date: 2026-03-04

Last updated on: 2026-03-17

Assigner: Gridware

Description
The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation (IDC) SFX Series(SFX2100) SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the rockyou.txt wordlist. Because direct root SSH login is disabled, an attacker must first obtain low-privileged access to the system (e.g., via other vulnerabilities) to be able to log in as the root user. The password is hardcoded and so allows for an actor with local access on effected versions to escalate to root
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-04
Last Modified
2026-03-17
Generated
2026-05-07
AI Q&A
2026-03-04
EPSS Evaluated
2026-05-05
NVD
CVE-2026-29120
EUVD
EUVD-2026-9375
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
datacast sfx2100_firmware *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the /root/anaconda-ks.cfg installation configuration file in the International Datacasting Corporation (IDC) SFX Series (SFX2100) SuperFlex Satellite Receiver. The file insecurely stores a hardcoded root password hash.

The password itself is highly insecure and can be cracked using offline dictionary attacks with common wordlists like rockyou.txt.

Although direct root SSH login is disabled, an attacker who gains low-privileged access to the system through other vulnerabilities can use this hardcoded password hash to escalate privileges to root.


How can this vulnerability impact me? :

This vulnerability can allow an attacker with initial low-level access to escalate their privileges to root on the affected device.

With root access, the attacker can fully control the system, potentially leading to unauthorized data access, system manipulation, or disruption of services.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves the insecure storage of a hardcoded root password hash in the /root/anaconda-ks.cfg file on affected IDC SFX Series devices.

To detect this vulnerability on your system, you can check for the presence of the /root/anaconda-ks.cfg file and inspect it for hardcoded password hashes.

  • Use the command: cat /root/anaconda-ks.cfg | grep -i password
  • Check for root password hashes in the file by running: grep -i root /root/anaconda-ks.cfg

Since the vulnerability requires local access, monitoring for unauthorized local access attempts or privilege escalations may also help detect exploitation.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include removing or securing the /root/anaconda-ks.cfg file to prevent exposure of the hardcoded root password hash.

Since direct root SSH login is disabled, ensure that all other vulnerabilities that could allow low-privileged access are patched to prevent attackers from gaining initial access.

Consider changing the root password to a strong, unique password and avoid using hardcoded passwords in configuration files.

Implement monitoring and alerting for unusual local access or privilege escalation attempts.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart