CVE-2026-29124
Multiple SUID Binaries in IDC SFX2100 Enable Local Privilege Escalation
Publication date: 2026-03-05
Last updated on: 2026-03-11
Assigner: Gridware
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| datacast | sfx2100_firmware | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves multiple SUID root-owned binaries located in specific directories of the International Data Casting (IDC) SFX2100 Satellite Receiver system. Because these binaries have the SUID bit set and are owned by root, they can be executed with root privileges. A local user with the 'monitor' account can exploit these binaries to escalate their privileges from a lower-privileged user to root, gaining full control over the system.
How can this vulnerability impact me? :
The primary impact of this vulnerability is local privilege escalation. An attacker or unauthorized user with access to the 'monitor' user account can exploit the SUID root-owned binaries to gain root-level access. This elevated access can allow them to perform unauthorized actions, modify system configurations, access sensitive data, install malware, or disrupt system operations.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves multiple SUID root-owned binaries located in specific directories on the affected system. To detect it, you can check for SUID binaries owned by root in the mentioned paths.
- Run the command: find /home/monitor/terminal -perm -4000 -user root -type f
- Run the command: find /home/monitor/kore-terminal -perm -4000 -user root -type f
- Run the command: find /home/monitor/IDE-DPack/terminal-dpack -perm -4000 -user root -type f
- Run the command: find /home/monitor/IDE-DPack/terminal-dpack2 -perm -4000 -user root -type f
These commands will list SUID root-owned binaries in the specified directories, helping to identify the presence of the vulnerable binaries.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediate steps include restricting access to the affected directories and binaries, removing the SUID bit from the vulnerable binaries if they are not required, or applying vendor patches if available.
- Limit access to /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 to trusted users only.
- Remove the SUID bit from the binaries using: chmod u-s <binary_path>
- Check for and apply any security updates or patches provided by International Data Casting (IDC) for the SFX2100 Satellite Receiver.