ICS-CERT issued an alert for the presence of a hardcoded password flaw in Daktronics Vanguard highway dynamic message sign (DMS) configuration software.
Security experts have discovered a new flaw in Daktronics’ Vanguard software that could be remotely exploited to hack electronic road signs.
A week ago, it was reported that Daktronics’ Vanguard dynamic highway message sign (DMS) configuration software contains hard-coded default credentials, but the company remarked that this is not a security issue because the credentials can be changed by the organization that manages the Daktronics Vanguard application.
The Department of Homeland Security’s Industrial Control System Cyber Emergency Response Team (ICS-CERT) has issued a specific alert on the vulnerability discovered in Daktronics’ Vanguard software.
“ICS-CERT is aware of a public report of a hardcoded password vulnerability affecting Daktronics Vanguard highway dynamic message sign (DMS) configuration software. According to this report, the vulnerability is a hardcoded password that could allow unauthorized access to the highway sign. This report was reported to ICS-CERT by the Federal Highway” states the ICS-CERT alert.
ICS-CERT revealed that a proof-of-concept attack is available online, which bad actors can follow to remotely modify sign messaging. The Emergency Response Team advises those in control of signs running the affected Daktronics’ Vanguard dynamic highway message sign (DMS) configuration software to “review sign messaging, update access credentials, and harden communication paths to the signs.”
Daktronics and the Federal Highway Administration provided the following recommendations:
Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
Locate system networks and devices behind firewalls, and isolate them from the business network.
When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.
ICS-CERT suggests that organizations perform a risk assessment prior to taking defensive measures and, of course, report to ICS-CERT any anomalous activity on their systems.
Yesterday I published another interesting post on the alert provided by ICS-CERT related to the risks of cyber attacks on ICS systems exposed online. The number of cyber attacks is increasing, and problems like the one discovered in Daktronics’ Vanguard could be exploited by attackers to cause serious problems and harm homeland security.
Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and the Cyber G7 Group. He is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field, and he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US.
Pierluigi is a member of "The Hacker News" team and a writer for some major publications in the field, such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine, and many other security magazines.
Author of the books "The Deep Dark Web" and "Digital Virtual Currency and Bitcoin".