Cyber Resilience

CVE-2026-29124

HighPublic PoCLPE

Published: 05 March 2026

Published
05 March 2026
Modified
11 March 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0012 2.1th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-29124 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Datacast Sfx2100 Firmware. Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 2.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-6 (Configuration Settings).

Deeper analysis

CVE-2026-29124 is a local privilege escalation vulnerability in the International Data Casting (IDC) SFX2100 Satellite Receiver. It stems from multiple SUID root-owned binaries located in directories such as /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2. These binaries allow improper elevation of privileges from the `monitor` user to root, associated with CWE-269 (Improper Privilege Management). The vulnerability received a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-03-05.

An attacker with local access and low privileges, specifically as the `monitor` user, can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation grants root-level privileges, enabling high-impact compromise of confidentiality, integrity, and availability on the affected system.

Mitigation details are available in the referenced advisory at https://www.abdulmhsblog.com/posts/sfx2100-vulns/.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting (IDC) SFX2100 Satellite Receiver, which may lead to local privlidge escalation from the `monitor` user to root

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local privilege escalation vulnerability in SUID root binaries directly enables exploitation for privilege escalation from monitor user to root (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-29121Same product: Datacast Sfx2100
CVE-2026-29123Same product: Datacast Sfx2100
CVE-2026-29127Same product: Datacast Sfx2100
CVE-2026-29126Same product: Datacast Sfx2100
CVE-2026-28770Same product: Datacast Sfx2100
CVE-2026-28774Same product: Datacast Sfx2100
CVE-2026-28776Same product: Datacast Sfx2100
CVE-2026-28773Same product: Datacast Sfx2100
CVE-2026-28778Same product: Datacast Sfx2100
CVE-2026-29128Same product: Datacast Sfx2100

Affected Assets

datacast
sfx2100 firmware
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

AC-6 enforces the principle of least privilege, directly preventing the deployment and use of unnecessary SUID root-owned binaries that enable privilege escalation from the monitor user to root.

prevent

CM-7 implements least functionality by configuring systems to disable or prohibit non-essential SUID binaries in user-accessible directories like /home/monitor, mitigating local privilege escalation.

prevent

CM-6 requires secure baseline configuration settings, such as removing SUID bits from root-owned binaries in vulnerable paths, to prevent exploitation for root privilege escalation.

References