CVE-2026-29124
Received Received - Intake
Multiple SUID Binaries in IDC SFX2100 Enable Local Privilege Escalation

Publication date: 2026-03-05

Last updated on: 2026-03-11

Assigner: Gridware

Description
Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting (IDC) SFX2100 Satellite Receiver, which may lead to local privlidge escalation from the `monitor` user to root
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-05
Last Modified
2026-03-11
Generated
2026-06-16
AI Q&A
2026-03-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-29124
EUVD
EUVD-2026-9516
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
datacast sfx2100_firmware *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves multiple SUID root-owned binaries located in specific directories of the International Data Casting (IDC) SFX2100 Satellite Receiver system. Because these binaries have the SUID bit set and are owned by root, they can be executed with root privileges. A local user with the 'monitor' account can exploit these binaries to escalate their privileges from a lower-privileged user to root, gaining full control over the system.

Impact Analysis

The primary impact of this vulnerability is local privilege escalation. An attacker or unauthorized user with access to the 'monitor' user account can exploit the SUID root-owned binaries to gain root-level access. This elevated access can allow them to perform unauthorized actions, modify system configurations, access sensitive data, install malware, or disrupt system operations.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves multiple SUID root-owned binaries located in specific directories on the affected system. To detect it, you can check for SUID binaries owned by root in the mentioned paths.

  • Run the command: find /home/monitor/terminal -perm -4000 -user root -type f
  • Run the command: find /home/monitor/kore-terminal -perm -4000 -user root -type f
  • Run the command: find /home/monitor/IDE-DPack/terminal-dpack -perm -4000 -user root -type f
  • Run the command: find /home/monitor/IDE-DPack/terminal-dpack2 -perm -4000 -user root -type f

These commands will list SUID root-owned binaries in the specified directories, helping to identify the presence of the vulnerable binaries.

Mitigation Strategies

To mitigate this vulnerability, immediate steps include restricting access to the affected directories and binaries, removing the SUID bit from the vulnerable binaries if they are not required, or applying vendor patches if available.

  • Limit access to /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 to trusted users only.
  • Remove the SUID bit from the binaries using: chmod u-s <binary_path>
  • Check for and apply any security updates or patches provided by International Data Casting (IDC) for the SFX2100 Satellite Receiver.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-29124. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart