New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking

Highway Signs and Billboards Exposed to Remote Hacking due to Critical Flaws in Daktronics Controllers

A critical vulnerability has been discovered in some controllers used by the US-based company Daktronics, potentially allowing hackers to tamper with highway signs and billboards worldwide. The flaws were identified by cybersecurity researcher Thomas Jou, an undergraduate at Princeton University, who reported them to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) through its Vulnerability Identification Notification and Credentialing Exchange (VINCE) platform.

Daktronics’ controllers manage large-scale LED video displays, electronic scoreboards, digital billboards, and dynamic audio systems. The company’s products can be seen in various locations globally, including high school gymnasiums, professional sports arenas, highways, international airports, and metropolitan billboards. According to CISA, the affected Daktronics controllers are the VFC-DMP-5000, DMP-5000, and DMP-8000 models.

The vulnerabilities, which include a path traversal issue, an authenticated arbitrary file upload issue, and default admin credentials that provide full system access, could be exploited by hackers to gain complete control over the system. In practical terms, this means attackers could tamper with what is displayed on signs and billboards, potentially loading false or malicious messages, fake alerts, or even taking full control of the device.

The researcher who discovered the vulnerabilities noted that it’s not just a matter of patching the affected systems; rather, it’s up to Daktronics’ customers to ensure their installations are not exposed to the internet. Thomas Jou has identified multiple internet-exposed controllers, making them vulnerable to remote exploitation. The impact of these vulnerabilities ranges from simple reconnaissance to full control of the device.

Daktronics has released patches for the affected controllers and advised its users to change default passwords as a precautionary measure. However, it remains unclear whether all installations have been updated with the latest firmware versions. In an interview with SecurityWeek, Thomas Jou commended Daktronics’ responsiveness in addressing the vulnerabilities, stating that the vendor acknowledged the findings quickly and had patched firmware versions ready by early March.

In light of this discovery, it’s essential for organizations responsible for managing these displays to take immediate action. This includes updating affected systems with the latest patches, changing default passwords, and ensuring that all installations are not exposed to the internet. Furthermore, regular security audits and monitoring can help identify potential vulnerabilities before they can be exploited by hackers.

As the world becomes increasingly dependent on technology, it’s crucial for manufacturers and operators of critical infrastructure to prioritize cybersecurity and take proactive measures to prevent such vulnerabilities from being exploited. By doing so, we can mitigate the risks associated with these types of attacks and ensure that our public spaces remain secure.


Source: SecurityWeek — 2026-06-30