Electronic Scoreboards and Display Systems Have Security Flaw: What Venues Should Know

CISA has announced serious security vulnerabilities in Daktronics controller firmware. Daktronics makes the electronic scoreboards and digital displays you see at sports stadiums, schools, and public venues. The vulnerabilities could allow hackers to gain complete root-level access and control of these systems without needing a password or any authentication. This primarily affects organizations that operate venues with Daktronics display systems, including schools, sports facilities, concert venues, and public spaces.

For families, the direct impact is limited unless you work at or manage a facility using this equipment. However, if your child's school or local sports complex uses these systems, the venue operators need to take action to prevent disruptions or unauthorized content being displayed.

If you are responsible for a facility that uses Daktronics display systems, here is what you need to do:

1. Contact Daktronics immediately to get the latest firmware updates for your controllers.
2. Check which models you have. The affected models include VFC-DMP-5000, DMP-5000, and DMP-8000 controllers with specific older firmware versions.
3. Apply all available security updates as soon as possible.
4. If you cannot update immediately, work with your IT team to isolate these systems from the internet until patches can be applied. For venue operators, staying on top of security updates for all connected equipment is critical. These display systems are computers just like any other, and they need regular updates to stay secure. Create a schedule to check for firmware updates quarterly, and consider working with a managed IT service if you do not have dedicated technical staff.