CVE-2026-29128: CWE-522 Insufficiently Protected Credentials in International Datacasting Corporation SFX2100 Satellite Receiver
IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components (e.g., zebra, bgpd, ospfd, and ripd) that are owned by root but world-readable. The configuration files (e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf) contain hardcoded or otherwise insecure plaintext passwords (including “enable”/privileged-mode credentials). A remote actor is able to abuse the reuse/hardcoded nature of these credentials to further access other systems in the network, gain a foothold on the satellite receiver or potentially locally privilege escalate.
AI Analysis
Technical Summary
CVE-2026-29128 identifies a critical security weakness in the firmware of the International Datacasting Corporation (IDC) SFX2100 Satellite Receiver. The firmware includes multiple daemon configuration files for routing protocols such as zebra, bgpd, ospfd, and ripd. These files are owned by root but are world-readable, exposing sensitive configuration data to any user or process on the device. Critically, these configuration files contain hardcoded or otherwise insecure plaintext passwords, including 'enable' or privileged-mode credentials that grant elevated access. The presence of these credentials in accessible files violates secure credential storage best practices (CWE-522 and CWE-798). An attacker with local or limited remote access can read these files to obtain credentials, enabling them to escalate privileges on the satellite receiver or pivot to other networked systems. Exploitation requires low privileges and has high attack complexity; no user interaction is necessary. The scope and impact are high due to the potential compromise of satellite communication infrastructure, which is often critical for broadcasting and data transmission. No patches or exploits are currently known, but the risk remains significant given the sensitive environment and the ease of credential extraction from world-readable files.
Potential Impact
The exploitation of this vulnerability can lead to unauthorized access and control over the SFX2100 Satellite Receiver, potentially allowing attackers to manipulate satellite data routing and communication. This can disrupt broadcast services, degrade data integrity, and compromise confidentiality of transmitted information. Furthermore, attackers can leverage the hardcoded credentials to move laterally within the network, gaining footholds on other critical systems. The impact extends to operational disruptions in broadcasting, emergency communications, and other satellite-dependent services, potentially affecting national security and commercial operations. Given the high privilege level of the exposed credentials, attackers could also perform local privilege escalation, increasing their control over the device and network. The high CVSS score reflects the serious risk to confidentiality, integrity, and availability of satellite communication infrastructure.
Mitigation Recommendations
Organizations should immediately audit the SFX2100 Satellite Receiver configuration files to identify and restrict access to sensitive daemon configuration files. File permissions must be tightened to prevent world-readable access, ensuring only root or authorized processes can read these files. Replace all hardcoded plaintext passwords with securely stored, unique credentials, preferably using encrypted credential storage or hardware security modules if supported. Implement network segmentation to isolate satellite receivers from broader enterprise networks, limiting lateral movement opportunities. Monitor device logs and network traffic for unusual access patterns or attempts to read configuration files. Engage with IDC for firmware updates or patches addressing this issue and apply them promptly once available. Additionally, consider deploying intrusion detection systems tailored to satellite communication protocols to detect exploitation attempts. Regularly review and update security policies governing satellite infrastructure to incorporate lessons learned from this vulnerability.
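The audit step above, as an added example (not IDC's code and not part of the advisory): it flags world-readable routing daemon configs, plaintext password lines, and credentials reused across files, without echoing any secret. The Quagga-style `password` / `enable password` syntax, the `8` hashed-value marker and the sample file contents are assumptions; the page gives neither the device's file contents nor its paths.

```python
import hashlib
import re
import stat
import tempfile
from pathlib import Path

# Daemon config names listed in the advisory.
CONF_NAMES = ("zebra.conf", "bgpd.conf", "ospfd.conf", "ripd.conf")
# Assumed Quagga-style "[enable] password [8] <value>"; "8" marks a hashed value.
PASSWORD_RE = re.compile(r"^\s*(enable\s+)?password\s+(?:(8)\s+)?(\S+)", re.I)


def audit_dir(conf_dir):
    """Return findings for the routing daemon configs in conf_dir; secrets are never echoed."""
    findings, owners = [], {}
    for path in (Path(conf_dir) / name for name in CONF_NAMES):
        if not path.is_file():
            continue
        mode = stat.S_IMODE(path.stat().st_mode)
        if mode & stat.S_IROTH:
            findings.append(f"{path.name}: world-readable (mode {mode:04o})")
        for lineno, line in enumerate(path.read_text(errors="replace").splitlines(), 1):
            m = PASSWORD_RE.match(line)
            if m and m.group(2) is None:  # no "8" marker: value is stored in the clear
                kind = "enable password" if m.group(1) else "password"
                findings.append(f"{path.name}: line {lineno}: plaintext {kind}")
                digest = hashlib.sha256(m.group(3).encode()).hexdigest()
                owners.setdefault(digest, set()).add(path.name)
    for names in owners.values():
        if len(names) > 1:
            findings.append("plaintext credential reused in: " + ", ".join(sorted(names)))
    return findings


def demo():
    """Audit constructed sample configs (placeholder values, not from a device)."""
    samples = {
        "zebra.conf": ("password EXAMPLE-ONLY\nenable password EXAMPLE-ONLY\n", 0o644),
        "bgpd.conf": ("password EXAMPLE-ONLY\n", 0o644),
        "ospfd.conf": ("service password-encryption\npassword 8 PLACEHOLDER\n", 0o600),
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, (text, mode) in samples.items():
            (Path(tmp) / name).write_text(text)
            (Path(tmp) / name).chmod(mode)
        return audit_dir(tmp)


if __name__ == "__main__":
    print("\n".join(demo()))
```

Run `audit_dir()` against an extracted firmware image or a mounted copy of the device's configuration directory; an empty result means none of the three conditions was found in the named files.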
Affected Countries
United States, Canada, Australia, United Kingdom, Germany, France, Japan, South Korea, India, Brazil
Technical Details
- Data Version: 5.2
- Assigner Short Name: Gridware
- Date Reserved: 2026-03-04T07:53:45.786Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69a915a0d1a09e29cbe15aae
Added to database: 3/5/2026, 5:33:20 AM
Last enriched: 3/5/2026, 5:47:37 AM
Last updated: 3/5/2026, 9:22:35 AM