{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-29127", "assignerOrgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "state": "PUBLISHED", "assignerShortName": "Gridware", "dateReserved": "2026-03-04T07:53:45.786Z", "datePublished": "2026-03-05T02:36:12.112Z", "dateUpdated": "2026-03-05T17:26:12.994Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "SFX2100 Satellite Receiver", "vendor": "International Datacasting Corporation", "versions": [{"status": "affected", "version": "SFX2100"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Abdul Mhanni"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the <code>monitor</code>&nbsp;user's home directory. The directory is configured with permissions <code>0777</code>, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory.&nbsp;<br>"}], "value": "The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor\u00a0user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 9.2, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "shortName": "Gridware", "dateUpdated": "2026-03-05T05:57:48.657Z"}, "references": [{"url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/"}], "source": {"discovery": "UNKNOWN"}, "title": "Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"references": [{"url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T17:22:51.372568Z", "id": "CVE-2026-29127", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T17:26:12.994Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-29127", "assignerOrgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "state": "PUBLISHED", "assignerShortName": "Gridware", "dateReserved": "2026-03-04T07:53:45.786Z", "datePublished": "2026-03-05T02:36:12.112Z", "dateUpdated": "2026-03-05T17:26:12.994Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "SFX2100 Satellite Receiver", "vendor": "International Datacasting Corporation", "versions": [{"status": "affected", "version": "SFX2100"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Abdul Mhanni"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the <code>monitor</code>&nbsp;user's home directory. The directory is configured with permissions <code>0777</code>, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory.&nbsp;<br>"}], "value": "The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor\u00a0user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 9.2, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "shortName": "Gridware", "dateUpdated": "2026-03-05T05:57:48.657Z"}, "references": [{"url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/"}], "source": {"discovery": "UNKNOWN"}, "title": "Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-29127", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-05T17:22:51.372568Z"}}}], "references": [{"url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T17:25:58.236Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:datacast:sfx2100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C57B6A9-CAF9-4C8A-85FC-562E16F291FE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:datacast:sfx2100:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A3BC5C9-39D5-4908-B470-A46E9ECFD6AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor\u00a0user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory."}], "id": "CVE-2026-29127", "lastModified": "2026-03-09T18:42:33.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.2, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "type": "Secondary"}]}, "published": "2026-03-05T03:15:54.713", "references": [{"source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/"}], "sourceIdentifier": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SFX2100"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "SFX2100 Satellite Receiver", "source": "cna", "vendor": "International Datacasting Corporation"}, "product": "sfx2100_satellite_receiver", "vendor": "international_datacasting_corporation"}], "analysis": {"en": {"generated_at": "2026-04-16T12:57:28.460915+00:00", "value": {"mitigation_remediation": ["Restrict permissions on the monitor user\u2019s home directory to 0700 or a value that only allows the intended user\n", "Remove or relocate any set\u2011uid root binaries from that directory, or otherwise ensure they are appropriately protected\n", "Apply any firmware updates or vendor patches that address the permission assignment issue when they become available\n", "Implement regular system audits to confirm that the directory permissions remain secure and that no unauthorized files exist"], "summary": {"action": "Assess Impact", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects devices manufactured by International\u202fDatacasting\u202fCorporation, specifically the SFX2100 Satellite Receiver. No specific firmware revisions are listed, and the CPE identifiers indicate the scope is the hardware and its firmware.", "description_and_impact": "A directory used by the monitor user on the IDC\u202fSFX2100 Satellite Receiver is set to 0777, which allows any local user to read, write, and execute files within that directory. Because the directory contains binaries with the set\u2011uid bit set to root, a local attacker can exploit the permissive access to gain root privileges. This flaw falls under class CWE\u2011269 (Improper Privilege Management) and CWE\u2011863 (CWE\u2011269 Privilege Management) and can result in the ability to modify system binaries, install malware, or alter firmware settings.", "risk_and_exploitability": "The CVSS score of 9.2 indicates critical severity, while the EPSS score of less than 1\u202f% demonstrates a very low but nonzero likelihood of exploitation. The vulnerability is not yet listed in the CISA Known Exploited Vulnerabilities catalog. As the flaw requires local physical or administrative access to the receiver, attackers would normally need to log in as a non\u2011privileged user or otherwise have local access. Once access is achieved, the attacker can replace or modify SUID root binaries in the monitor home directory, effectively elevating privileges to system\u2011wide control."}}}}, "created": "2026-03-06T15:17:55.388804+00:00", "updated": "2026-04-16T13:00:11.088662+00:00", "vendors": ["international_datacasting_corporation", "international_datacasting_corporation$PRODUCT$sfx2100_satellite_receiver"]}