Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.6
IDC SFX2100 SUID Binary Allows Local Privilege Escalation on Linux
CVE-2026-29123
Summary
A critical flaw exists in the SFX2100 software on Linux systems. A local attacker can exploit this by manipulating the system's file paths or creating malicious links, potentially allowing them to gain elevated access. To protect your system, update your SFX2100 software as soon as possible.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| datacast | sfx2100_firmware | All versions | – |
Original title
A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting (IDC) SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on con...
Original description
A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting (IDC) SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symlink abuse or shared object hijacking.
nvd CVSS4.0
8.6
Vulnerability type
CWE-269
Improper Privilege Management
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026