Your one-stop web resource providing safety and security information to manufacturers

There is a report of a hardcoded password vulnerability affecting Daktronics Vanguard highway notification sign configuration software, according to a report on ICS-CERT.

The remotely exploitable vulnerability is a hardcoded password that could allow unauthorized access to the highway sign. This report came to ICS-CERT via the Federal Highway Administration.

COPA-DATA Improper Input Validation
Triangle MicroWorks Fixes DoS Hole
Cogent Fixes 3 DataHub Vulnerabilities
Siemens Updates ROS Vulnerability

ICS-CERT informed the affected vendor and asked to confirm the vulnerability and identify mitigations. ICS-CERT issued a report to provide early notice and identify baseline mitigations for reducing risks to these and other cyber security attacks.

Proof of Concept is publicly available. ICS-CERT recommends entities to review sign messaging, update access credentials, and harden communication paths to the signs.

Cyber Security

ICS-CERT is currently coordinating with the vendor and researcher to identify mitigations.

Pin It on Pinterest

Share This