Security Flaw Found in Digital Display Controllers. Check If You Have One

CISA has reported serious security vulnerabilities in Daktronics controller firmware used in digital display systems. These controllers power electronic signs and scoreboards. The vulnerabilities could allow an unauthenticated user to gain complete root-level access and control of the affected systems.

This means a hacker could potentially take over the entire device without needing a password. This issue affects specific Daktronics products including VFC-DMP-5000, DMP-5000, and DMP-8000 controllers running certain firmware versions. Most families will not be affected by this unless you own a business with digital signage or have one of these specific professional display controllers installed. These are typically found in commercial settings like sports arenas, retail stores, or corporate buildings, not in typical homes.

If you own or manage a business that uses Daktronics digital displays or scoreboards, take these steps immediately:

1. Check your equipment model numbers against the affected list (VFC-DMP-5000, DMP-5000, and DMP-8000).
2. Contact Daktronics directly or your equipment supplier to get the latest firmware updates.
3. Install all available security patches as soon as possible.
4. If you cannot update immediately, disconnect the controllers from the internet until you can apply the fix. For ongoing protection, keep all professional equipment updated with the latest firmware and security patches. Create a schedule to check for updates quarterly. If you rely on specialized equipment for your business, establish a relationship with your vendor's technical support team so you receive security notifications directly. Regular maintenance and updates are essential for any internet connected business equipment.