Particle.news

Download on the App Store

CISA Issues CVE for Freight Train Braking Flaw as Rail Industry Plans 2027 Overhaul

CISA’s advisory highlights the rail network’s dependency on an unprotected braking link, prompting operators to urgently deploy interim defenses ahead of a 2027 protocol overhaul.

© Allen J. Schaben / Los Angeles Times via Getty Images
Image
Image
Image

Overview

  • CISA’s July advisory assigned CVE-2025-1727 to the End-of-Train protocol, flagging weak authentication in the FRED/EOT-HOT system with a CVSS score of 8.1.
  • Independent researcher Neil Smith first reported the vulnerability to ICS-CERT in 2012 and re-engaged with CISA in 2024 after agency restructuring reignited action.
  • The Association of American Railroads has declined to patch the legacy system and intends to roll out the IEEE 802.16t replacement protocol by 2027.
  • CISA and industry partners are implementing stopgap measures such as network segmentation and enhanced monitoring to reduce risk before the new protocol is deployed.
  • Experts remain divided on exploit complexity, with CISA officials citing the need for physical access, deep protocol knowledge and specialized gear while Smith warns that sub-$500 radios can spoof brake commands from hundreds of feet away.