Train Hack Gets Proper Attention After 20 Years: Researcher

The US cybersecurity agency CISA has disclosed a vulnerability that can be exploited to manipulate or tamper with a train’s brakes.

CISA last week published an advisory describing CVE-2025-1727, an issue affecting the remote linking protocol used by systems known as End-of-Train and Head-of-Train.

An End-of-Train (EoT) device, also known as a Flashing Rear End Device (FRED), is placed at the end of a train, being designed to transmit data to a device in the locomotive named the Head-of-Train (HoT). The system, introduced to replace the caboose, is used to obtain status data from the end of the train (particularly useful for long freight trains), but it can also receive commands to apply the brakes at the rear of the train.

The problem, according to CISA’s advisory, is that the protocol remotely linking the EoT and HoT over radio signals is not secure (no authentication or encryption are ...