CVE-2026-29127

Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100

Description

The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory.

INFO

Published Date :

2026-03-05T02:36:12.112Z

Last Modified :

2026-03-05T17:26:12.994Z

Source :

Gridware

AFFECTED PRODUCTS

The following products are affected by CVE-2026-29127 vulnerability.

Vendors	Products
Datacast	Sfx2100 Sfx2100 Firmware
International Datacasting Corporation	Sfx2100 Satellite Receiver

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-29127.

URL	Resource
https://www.abdulmhsblog.com/posts/sfx2100-vulns/

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact