20-Year-Old Vulnerability Allows Hackers to Control Train Brakes

CISA has issued a critical advisory warning a severe vulnerability in railway communication systems that could allow attackers to control train brakes remotely. The vulnerability, assigned CVE-2025-1727, affects End-of-Train and Head-of-Train remote linking protocols used across the United States transportation infrastructure. FRED Protocol Vulnerability The vulnerability, categorized under CWE-1390 for weak authentication, has been assigned a CVSS v4 base score of 7.2 and a CVSS v3 score of 8.1, indicating high severity. The CVSS v4 vector string (AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H) reveals that the attack requires adjacent network access but has low complexity and no privileges required. The vulnerability affects all versions of the End-of-Train and Head-of-Train remote linking protocol, commonly known as FRED (Flashing Rear End Device). This protocol is maintained by the Association of American Railroads (AAR) Railroad Electronics Standards Committee (RESC) and i...