CVE-2026-28701

CRITICAL NVD

CVSS Score 9.8

Severity CRITICAL

Published Jun 26, 2026

Vendor unknown

Description

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths.

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-176-04.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-04