HomeIntelligenceBrief
VULNERABILITY BRIEF🔴 Critical Vulnerability

Critical Path‑Traversal, Unrestricted File Upload, and Hard‑Coded Credential Flaws in Daktronics Controller Firmware (CVE‑2026‑28701) Enable Unauthenticated Root Access

CISA has disclosed three high‑severity flaws in Daktronics controller firmware that allow unauthenticated attackers to gain full root control. The vulnerabilities affect devices used in commercial facilities, healthcare, and emergency services, making timely remediation essential for SOC 2 audit readiness.

LiveThreat™ Intelligence · 📅 June 25, 2026· 📰 cisa.gov
🔴
Severity
Critical
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
5 recommended
📰
Source
cisa.gov

Critical Path‑Traversal, Unrestricted File Upload, and Hard‑Coded Credential Flaws in Daktronics Controller Firmware (CVE‑2026‑28701) Enable Unauthenticated Root Access

What It Is — The U.S. Cybersecurity & Infrastructure Security Agency (CISA) advisory details three independent flaws in Daktronics Controller Firmware: a path‑traversal bug, an unrestricted file‑upload vulnerability, and hard‑coded credentials. Any remote user, without authentication, can exploit these weaknesses to gain full root‑level control of the device.

Exploitability — Publicly disclosed; no public exploit code, but the advisory notes that successful exploitation is trivial and could be automated. CVSS v3 base score 8.1 (High).

Affected Products — All firmware versions prior to the following releases:

  • VFC‑DMP‑5000 < v8.117.x.x, < v9.43.x.x, < v10.34.x.x
  • DMP‑5000 < v8.117.x.x, < v9.43.x.x, < v10.34.x.x
  • DMP‑8000 < v8.117.x.x, < v9.43.x.x, < v10.34.x.x

These controllers are deployed worldwide in commercial facilities, IT environments, emergency services, and healthcare settings.

Why It Matters for Compliance & Audit Readiness

  • Control Mapping – The flaws map directly to SOC 2 CC6.1 (System Operations) and CC7.1 (Change Management). Demonstrating that you have identified, patched, and continuously monitor such firmware gaps is essential evidence for audit readiness.
  • Continuous Evidence – Ongoing verification that only approved firmware versions run on critical OT assets provides a defensible audit trail and satisfies the “monitoring of security controls” requirement in SOC 2.
  • Due Diligence – Vendors that fail to remediate known firmware vulnerabilities can jeopardize third‑party risk assessments; documenting remediation shows proactive risk management to partners and regulators.

Recommended Actions

  • Patch Immediately – Apply the latest firmware releases from Daktronics to all affected controllers.
  • Network Segmentation – Isolate OT networks from corporate IT and enforce strict firewall rules to limit inbound traffic to management interfaces.
  • Credential Hygiene – Replace any default or hard‑coded credentials with unique, strong passwords and rotate them regularly.
  • Continuous Monitoring – Deploy an agent or sensor that records firmware version, configuration drift, and unauthorized access attempts; map these logs to SOC 2 control evidence.
  • Document Remediation – Update your control matrix to reflect the new firmware version, the mitigation steps taken, and the monitoring cadence.

Source: CISA Advisory – ICSA‑26‑176‑04

📰 Original Source
https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-04

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →