Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

ICS-CERT warns of possible hack of road signs controlled by Daktronics Vanguard software

ICS-CERT issued an alert for the presence of a hardcoded password flaw in Daktronics Vanguard highway dynamic message sign (DMS) configuration software. Security experts have discovered a new flaw in Daktronics’ Vanguard software which could be remotely exploited by hackers to hack electronic road signs. A week ago, it was reported that Daktronics’ Vanguard dynamic highway message sign (DMS) configuration […]

ICS-CERT warns of possible hack of road signs controlled by Daktronics Vanguard software

ICS-CERT issued an alert for the presence of a hardcoded password flaw in Daktronics Vanguard highway dynamic message sign (DMS) configuration software.

Security experts have discovered a new flaw in Daktronics’ Vanguard software which could be remotely exploited by hackers to hack electronic road signs.

A week ago, it was reported that Daktronics’ Vanguard dynamic highway message sign (DMS) configuration software contain hard-coded default credentials, but the company remarked that this is not a security issue because credentials could be changed by the organization that manage Daktronics’ Vanguard application.

The Department of Homeland Security’s Industrial Control System Cyber Emergency Response Team (ICS-CERT) has issued a specific alert on the vulnerability discovered in Daktronics’ Vanguard software.

“ICS-CERT is aware of a public report of a hardcoded password vulnerability affecting Daktronics Vanguard highway dynamic message sign (DMS) configuration software. According to this report, the vulnerability is a hardcoded password that could allow unauthorized access to the highway sign. This report was reported to ICS-CERT by the Federal Highway” states the ICS-CERT alert.

The ICS-CERT revealed the existence of a proof-of-concept attack online that can be followed by bad actors to remotely modify sign messaging. The Emergency Response Team suggests to those in control of signs running the affected Daktronics’ Vanguard dynamic highway message sign (DMS) configuration software to “review sign messaging, update access credentials, and harden communication paths to the signs.”

ICS-CERT road sign 1

Daktronics and the Federal Highway Administration provided the following recommendations:

  • Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
  • Locate system networks and devices behind firewalls, and isolate them from the business network.
  • When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.

ICS-CERT suggest organizations to perform risk assessment prior to taking defensive measures, and of course to report to ICS-CERT any anomalous activities to their systems.

Yesterday I published another interesting post on the alert provided by ICS-CERT related to risks of cyber attacks to ICS systems exposed on-line, the number of cyber attacks is increasing and problems like the one discovered in Daktronics’ Vanguard could be exploited by attackers to cause serious problems and harm Homeland security.

Pierluigi Paganini

(Security Affairs –  ICS-CERT,  Daktronics)