Overview
- CISA’s July advisory assigned CVE-2025-1727 to the End-of-Train protocol, flagging weak authentication in the FRED/EOT-HOT system with a CVSS score of 8.1.
- Independent researcher Neil Smith first reported the vulnerability to ICS-CERT in 2012 and re-engaged with CISA in 2024, after an agency restructuring revived action on the report.
- The Association of American Railroads has declined to patch the legacy system and intends to roll out the IEEE 802.16t replacement protocol by 2027.
- CISA and industry partners are implementing stopgap measures such as network segmentation and enhanced monitoring to reduce risk before the new protocol is deployed.
- Experts remain divided on exploit complexity: CISA officials cite the need for physical access, deep protocol knowledge and specialized gear, while Smith warns that sub-$500 radios can spoof brake commands from hundreds of feet away.