Primary

Context

International Data Casting SFX2100 Satellite Receiver Multiple SUID Binaries Local Privilege Escalation Vulnerability

Vulnerability

A local privilege escalation vulnerability has been identified in the International Data Casting (IDC) SFX2100 Satellite Receiver. This issue arises from multiple SUID root-owned binaries located in the 'monitor' user home directory. The vulnerability allows the 'monitor' user to escalate privileges to root.

Impact

Exploitation of this vulnerability allows the 'monitor' user to gain root privileges on the affected device.

Reproduction

The vulnerability can be reproduced by exploiting the insecure directory permissions on the 'monitor' user's home directory, which is world-writable. This allows for the modification of commands or symlinks that would be executed by the 'kore-terminal' or 'terminal' binaries, both of which are SUID and can be used to escalate privileges to root.

Added: Mar 5, 2026, 2:20 AM

Updated: Mar 5, 2026, 7:50 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

0.0

relevance

3.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

0.0

relevance

3.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

International Data Casting SFX2100 Satellite Receiver Multiple SUID Binaries Local Privilege Escalation Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating