CVE-2026-29124

low-risk

Published 2026-03-05

Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting (IDC) SFX2100 Satellite Receiver, which may lead to local privlidge escalation from the `monitor` user to root

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (1)

Sfx2100 Firmware

Affected Vendors

Datacast

References (1)

Exploit https://www.abdulmhsblog.com/posts/sfx2100-vulns/

/ 100

low-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal