Platform
linux
Fixed in
2100.0.1
CVE-2026-29121 describes a privilege escalation vulnerability affecting the IDC SFX2100 satellite receiver. Due to the /sbin/ip utility being installed with the setuid bit set, a local attacker can gain elevated privileges. This allows for privileged file reads and potentially other actions on the local file system, impacting the confidentiality and integrity of the system. The vulnerability affects SFX2100 devices running versions less than or equal to SFX2100.
The primary impact of CVE-2026-29121 is the ability for a local attacker to escalate their privileges to root. This is achieved by exploiting the setuid bit on the /sbin/ip utility. Once root access is obtained, the attacker can read sensitive files, modify system configurations, install malicious software, and potentially compromise the entire device. The GTFObins resource provides documented methods for leveraging this privilege escalation, demonstrating the potential for significant system compromise. This vulnerability is particularly concerning as it allows for relatively straightforward privilege escalation without requiring complex exploits.
CVE-2026-29121 is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the GTFObins resource provides clear instructions on how to leverage the vulnerability. The ease of exploitation, combined with the potential for root access, suggests a medium probability of exploitation if the vulnerability is discovered by malicious actors. The vulnerability was publicly disclosed on 2026-03-05.
Organizations utilizing IDC SFX2100 satellite receivers, particularly those with limited access controls or those running the device in environments with untrusted local users, are at risk. Shared hosting environments where multiple users have access to the underlying operating system are also particularly vulnerable.
• linux / server:
find / -perm -4000 -type f 2>/dev/null | grep ip
• linux / server:
journalctl -xe | grep '/sbin/ip'
• linux / server:
lsof /sbin/ip
Exploit status
EPSS
0.02% (6% percentile)
The primary mitigation for CVE-2026-29121 is to upgrade the IDC SFX2100 to a patched version. Unfortunately, a fixed version is not currently specified. As a temporary workaround, consider restricting access to the /sbin/ip utility by changing its permissions to remove the setuid bit. This can be done using the chmod command. Additionally, implement strict access controls on the SFX2100 device to limit the number of local users with potential access. Regularly audit the system for unauthorized file access or modifications. After applying the mitigation, verify the change by attempting to execute /sbin/ip as a non-root user and confirming that it does not elevate privileges.
Remove the setuid bit from the `/sbin/ip` binary with the command `chmod -s /sbin/ip`. This prevents local users from running the binary with elevated privileges. Alternatively, update the device firmware to a version that does not set the setuid bit on the `/sbin/ip` binary.
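The workaround and its verification step as one check-remediate-recheck routine; this is an added example, not code from the vendor or from the original page. The function names and the `--apply` flag are assumptions of this example, and it uses `chmod u-s` (setuid only) where the page gives `chmod -s`.

```shell
#!/bin/sh
# Added example: audit and remove the setuid bit on a binary (default /sbin/ip).

# Resolve symlinks so the report names the file whose mode actually changes
# (chmod follows symlinks). Falls back to the given path without readlink -f.
resolve_target() {
    readlink -f "$1" 2>/dev/null || printf '%s\n' "$1"
}

# Print "setuid" or "clean"; return 2 if the file does not exist.
setuid_state() {
    target=$(resolve_target "$1")
    [ -e "$target" ] || return 2
    if [ -u "$target" ]; then echo setuid; else echo clean; fi
}

# Remove the setuid bit, then re-check. Returns 0 only if the bit is gone.
remove_setuid() {
    target=$(resolve_target "$1")
    [ -e "$target" ] || { echo "missing: $target" >&2; return 2; }
    before=$(ls -ld "$target")
    chmod u-s "$target" || return 1
    if [ -u "$target" ]; then
        echo "FAILED: setuid still set on $target" >&2
        return 1
    fi
    echo "before: $before"
    echo "after:  $(ls -ld "$target")"
}

# Acts only when invoked as: sh script.sh --apply [path]
if [ "${1:-}" = "--apply" ]; then
    remove_setuid "${2:-/sbin/ip}"
fi
```

If the resolved target differs from the path you passed, the mode change applies to that target and to every other name that links to it, so review the "before" line before relying on the result.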
CVE-2026-29121 is a privilege escalation vulnerability affecting IDC SFX2100 satellite receivers. The /sbin/ip utility has the setuid bit set, allowing local users to gain root privileges.
If you are using an IDC SFX2100 satellite receiver with a version ≤SFX2100, you are potentially affected by this vulnerability. Check your device version against the affected range.
The recommended fix is to upgrade to a patched version of the IDC SFX2100 when available. As a temporary mitigation, restrict access to the /sbin/ip utility by removing the setuid bit or implementing access control lists.
There are currently no reports of active exploitation of CVE-2026-29121, but the ease of exploitation warrants attention and proactive mitigation.
Please refer to the IDC website or contact IDC support for the official advisory regarding CVE-2026-29121.