Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.3
IDC SFX2100 Satellite Receiver Allows Local Privilege Escalation
CVE-2026-29121
Summary
The IDC SFX2100 satellite receiver has a security issue that allows any local user to access sensitive system files and potentially take control of the device. This is because a certain program has been installed with too many privileges. To fix this, update the device software to remove the excessive privileges.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| datacast | sfx2100_firmware | All versions | – |
Original title
International Data Casting (IDC) SFX2100 satellite receiver comes with the `/sbin/ip` utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who ...
Original description
International Data Casting (IDC) SFX2100 satellite receiver comes with the `/sbin/ip` utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFObins resource to preform privileged file reads as the root user on the local file system and may potentially lead to other avenues for preforming privileged actions.
nvd CVSS4.0
8.3
Vulnerability type
CWE-269
Improper Privilege Management
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026