Platform
linux
Component
sfx2100-satellite-receiver
Fixed in
2100.0.1
CVE-2026-29123 describes a Privilege Escalation vulnerability affecting the SFX2100 Satellite Receiver from International Data Casting (IDC) running on Linux. This flaw allows a local attacker to potentially gain elevated privileges by exploiting a SUID root-owned binary. Affected versions include SFX2100 and earlier. A fix is pending, and mitigation strategies focus on restricting access and file permissions.
The vulnerability lies within a SUID root-owned binary located at /home/xd/terminal/XDTerminal. An attacker with local access can exploit this by manipulating the system's PATH environment variable, creating malicious symbolic links, or hijacking shared objects. Successful exploitation could grant the attacker root privileges, enabling them to execute arbitrary commands, access sensitive data, and potentially compromise the entire system. This represents a significant security risk, particularly in environments where the SFX2100 receiver is used to manage critical infrastructure or sensitive information.
CVE-2026-29123 was publicly disclosed on 2026-03-05. The EPSS score is pending evaluation. Currently, no public proof-of-concept exploits are known, but the vulnerability's nature (SUID binary exploitation) suggests a potential for rapid exploitation if a PoC is released. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.01% (1% percentile)
CISA SSVC
Due to the absence of a direct patch, mitigation focuses on reducing the attack surface. First, restrict the PATH environment variable to prevent attackers from injecting malicious binaries. Implement strict file permissions on /home/xd/terminal/XDTerminal and its parent directories, ensuring only authorized users have write access. Regularly audit the system for suspicious symbolic links or shared object modifications. Consider using AppArmor or SELinux to further confine the binary's capabilities. After implementing these mitigations, verify their effectiveness by attempting to execute the vulnerable binary with a non-root user and confirming that privilege escalation is prevented.
Update the SFX2100 satellite receiver firmware to a version that fixes the vulnerability. Consult with International Datacasting Corporation for the latest firmware update and installation instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-29123 is a vulnerability in the SFX2100 Satellite Receiver allowing a local attacker to potentially gain root privileges through PATH hijacking, symlink abuse, or shared object hijacking.
You are affected if you are using the SFX2100 Satellite Receiver with versions ≤SFX2100 running on Linux.
A direct patch is not yet available. Mitigate by restricting PATH, file permissions, and using AppArmor/SELinux.
Currently, there are no confirmed reports of active exploitation, but the vulnerability's nature suggests a potential for exploitation.
Refer to the IDC website or security mailing lists for the official advisory regarding CVE-2026-29123.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.