Daktronics Controller Firmware

Plan PatchCVSS 8.1ICS-CERT ICSA-26-176-04Jun 25, 2026

Attack path

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

Multiple Daktronics controller models contain path traversal and arbitrary file upload vulnerabilities that allow unauthenticated attackers to gain complete root-level access to the devices. The vulnerabilities affect VFC-DMP-5000, DMP-5000, and DMP-8000 firmware versions prior to 8.117.0.x, 9.43.0.x, or 10.34.0.x across all product lines. Exploitation requires only network access and no user interaction or prior authentication. An attacker could completely take over the controller and modify all functionality or settings.

What this means

What could happen

An attacker with network access could gain complete root-level control of affected Daktronics display controllers, allowing them to modify display content, disrupt communications, or alter system settings without authentication.

Who's at risk

Organizations operating Daktronics display controllers (VFC-DMP-5000, DMP-5000, and DMP-8000 models) should be concerned. These devices typically control public-facing displays in transportation hubs, stadiums, transit centers, and municipal facilities. Compromised controllers could display false or harmful information to the public or disrupt critical communications.

How it could be exploited

An attacker on the network sends a request to the affected device exploiting path traversal and file upload vulnerabilities to upload a malicious file and gain unauthenticated root access to the controller firmware.

Prerequisites

Network access to the Daktronics controller device
No credentials required for initial exploitation

remotely exploitableno authentication requiredlow complexityaffects display/communications infrastructure

Exploitability

Unlikely to be exploited — EPSS score 0.8%

Affected products (9)

9 pending

ProductAffected VersionsFix Status

VFC-DMP-5000<v8.117.x.xNo fix yet

VFC-DMP-5000<v9.43.x.xNo fix yet

VFC-DMP-5000<v10.34.x.xNo fix yet

DMP-5000<v10.34.x.xNo fix yet

DMP-5000<v8.117.x.xNo fix yet

DMP-5000<v9.43.x.xNo fix yet

DMP-8000<v10.34.x.xNo fix yet

DMP-8000<v8.117.x.xNo fix yet

Remediation & Mitigation

0/5

Do now

0/2

WORKAROUNDChange all default passwords on affected controllers to strong, unique credentials

HARDENINGRestrict network access to the controller management interface to authorized engineering workstations only using firewall rules

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

VFC-DMP-5000

HOTFIXUpdate VFC-DMP-5000 firmware to version 8.117.0.x, 9.43.0.x, or 10.34.0.x or later

DMP-5000

HOTFIXUpdate DMP-5000 firmware to version 8.117.0.x, 9.43.0.x, or 10.34.0.x or later

DMP-8000

HOTFIXUpdate DMP-8000 firmware to version 8.117.0.x, 9.43.0.x, or 10.34.0.x or later

CVEs (3)

CVE-2026-28701 CVE-2026-31928 CVE-2026-33560

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/527667b7-5495-45cd-9fbf-912a8eaa6be8

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.