https://community.isc2.org/t5/Threats/Train-Brakes-Can-Be-Hacked-Over-Radio-And-the-Industry-Knew-for/m-p/82354#M1683 <P>Hi All</P><P>&nbsp;</P><P><STRONG>The US cybersecurity agency CISA has disclosed a vulnerability that can be exploited to manipulate or tamper with a train’s brakes.&nbsp;</STRONG></P><P>CISA last week published an advisory describing <A href="https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-10" target="_blank" rel="noopener">CVE-2025-1727</A>, an issue affecting the remote linking protocol used by systems known as End-of-Train and Head-of-Train.</P><P>An End-of-Train (EoT) device, also known as a Flashing Rear End Device (FRED), is placed at the end of a train, being designed to transmit data to a device in the locomotive named the Head-of-Train (HoT). The system, introduced to replace the <A href="https://en.wikipedia.org/wiki/Caboose" target="_blank" rel="noopener">caboose</A>, is used to obtain status data from the end of the train (particularly useful for long freight trains), but it can also receive commands to apply the brakes at the rear of the train.</P><P>The problem, according to CISA's advisory, is that the protocol remotely linking the EoT and HoT over radio signals is not secure (no authentication or encryption are used), enabling an attacker to use specially crafted packets transmitted with a software-defined radio to send commands to the EoT device.</P><P>&nbsp;</P><P>Read more here:</P><P>&nbsp;</P><P><A href="https://www.securityweek.com/train-hack-gets-proper-attention-after-20-years-researcher/" target="_blank" rel="noopener">https://www.securityweek.com/train-hack-gets-proper-attention-after-20-years-researcher/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Thu, 17 Jul 2025 22:18:53 GMT Caute_cautim 2025-07-17T22:18:53Z https://community.isc2.org/t5/Threats/Train-Brakes-Can-Be-Hacked-Over-Radio-And-the-Industry-Knew-for/m-p/82354#M1683 <P>Hi All</P><P>&nbsp;</P><P><STRONG>The US cybersecurity agency CISA has disclosed a vulnerability that can be exploited to manipulate or tamper with a train’s brakes.&nbsp;</STRONG></P><P>CISA last week published an advisory describing <A href="https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-10" target="_blank" rel="noopener">CVE-2025-1727</A>, an issue affecting the remote linking protocol used by systems known as End-of-Train and Head-of-Train.</P><P>An End-of-Train (EoT) device, also known as a Flashing Rear End Device (FRED), is placed at the end of a train, being designed to transmit data to a device in the locomotive named the Head-of-Train (HoT). The system, introduced to replace the <A href="https://en.wikipedia.org/wiki/Caboose" target="_blank" rel="noopener">caboose</A>, is used to obtain status data from the end of the train (particularly useful for long freight trains), but it can also receive commands to apply the brakes at the rear of the train.</P><P>The problem, according to CISA's advisory, is that the protocol remotely linking the EoT and HoT over radio signals is not secure (no authentication or encryption are used), enabling an attacker to use specially crafted packets transmitted with a software-defined radio to send commands to the EoT device.</P><P>&nbsp;</P><P>Read more here:</P><P>&nbsp;</P><P><A href="https://www.securityweek.com/train-hack-gets-proper-attention-after-20-years-researcher/" target="_blank" rel="noopener">https://www.securityweek.com/train-hack-gets-proper-attention-after-20-years-researcher/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Thu, 17 Jul 2025 22:18:53 GMT https://community.isc2.org/t5/Threats/Train-Brakes-Can-Be-Hacked-Over-Radio-And-the-Industry-Knew-for/m-p/82354#M1683 Caute_cautim 2025-07-17T22:18:53Z