cvedb.io
CVE-2026-29123
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2026-03-05T02:16:51.530 · Last modified 2026-06-17T10:29:39.523

Summary

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting (IDC) SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symlink abuse or shared object hijacking.

Affected products

datacast — sfx2100_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when datacast ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.