CVE-2026-29127
HIGHCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory.
Analysis
Local privilege escalation in IDC SFX2100 Satellite Receiver firmware occurs due to overly permissive file system permissions (0777) on a privileged user's home directory, allowing any local user to read, write, and execute files within it. An attacker with local access can leverage highly privileged processes and binaries in this directory to escalate their privileges on the system. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all IDC SFX2100 devices in your environment and document their network locations and data sensitivity classification. Within 7 days: Implement network segmentation to restrict access to affected devices to authorized personnel only; disable remote administrative access where operationally feasible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today