CISA has issued a critical advisory warning about a severe vulnerability in railway communication systems that could allow attackers to control train brakes remotely. The vulnerability, assigned CVE-2025-1727, affects End-of-Train and Head-of-Train remote linking protocols used across the United States transportation infrastructure. This protocol is maintained by the Association of American Railroads (AAR) Railroad Electronics Standards Committee (RESC) and is used by multiple manufacturers, including Hitachi Rail STS USA, Wabtec, and Siemens.

Weak BCH checksum authentication allows attackers to use software-defined radio to forge brake control packets. Researchers Neil Smith and Eric Reuter discovered that attackers can exploit this weakness using software-defined radio (SDR) technology to create malicious End-of-Train (EoT) and Head-of-Train (HoT) packets. The vulnerability operates over radio frequency (RF) communications, making it particularly concerning for railway infrastructure security.

The alert classifies this as an Industrial Control System vulnerability with low attack complexity but significant potential impact on transportation systems operations. The CVSS v4 vector string (AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H) indicates that the attack requires adjacent network access but has low complexity and requires no privileges.

Organizations should ensure control system devices are not accessible from the internet, implement proper network segmentation with firewalls, and use secure remote access methods like Virtual Private Networks (VPNs). Mitigation also includes manufacturer coordination for protocol updates.
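Why a checksum is not authentication, as an added example that is not from the CISA advisory or this article: a cyclic-code parity check (the family BCH codes belong to) can be computed by any sender, while a keyed MAC cannot. The generator polynomial, frame layout, key, and payload are constructed for illustration and are not those of the EoT/HoT protocol; HMAC-SHA256 is an assumed stand-in for a keyed check, not a fix stated by the advisory.

```python
import hashlib
import hmac

# Constructed generator polynomial (x^8 + x^2 + x + 1) for illustration only;
# NOT the polynomial or frame layout of the AAR EoT/HoT protocol.
GEN_POLY, GEN_DEGREE = 0x107, 8
TAG_LEN = 8  # truncated HMAC-SHA256 tag length, an assumption of this sketch

def parity_bits(data: bytes) -> int:
    """Unkeyed cyclic-code parity: remainder of data * x^8 mod GEN_POLY over GF(2)."""
    reg = int.from_bytes(data, "big") << GEN_DEGREE
    for shift in range(reg.bit_length() - 1, GEN_DEGREE - 1, -1):
        if (reg >> shift) & 1:
            reg ^= GEN_POLY << (shift - GEN_DEGREE)
    return reg

def frame_with_checksum(payload: bytes) -> bytes:
    return payload + bytes([parity_bits(payload)])

def checksum_ok(frame: bytes) -> bool:
    return parity_bits(frame[:-1]) == frame[-1]

def frame_with_mac(key: bytes, payload: bytes) -> bytes:
    return payload + hmac.new(key, payload, hashlib.sha256).digest()[:TAG_LEN]

def mac_ok(key: bytes, frame: bytes) -> bool:
    payload, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()[:TAG_LEN]
    return hmac.compare_digest(tag, expected)  # constant-time comparison

def compare_checks() -> dict:
    key = b"constructed-demo-key"         # constructed; real keys come from provisioning
    payload = b"unit=00000;msg=status"    # constructed sample payload
    plain = frame_with_checksum(payload)  # built with public knowledge only, no secret
    flipped = bytes([plain[0] ^ 0x01]) + plain[1:]  # simulated one-bit channel error
    return {
        "checksum_detects_bit_error": not checksum_ok(flipped),
        "checksum_accepts_sender_without_secret": checksum_ok(plain),
        "mac_accepts_key_holder": mac_ok(key, frame_with_mac(key, payload)),
        "mac_accepts_sender_without_key": mac_ok(key, frame_with_mac(b"not-the-key", payload)),
    }

if __name__ == "__main__":
    for name, result in compare_checks().items():
        print(f"{name}: {result}")
```

The checksum does its real job (catching channel errors) but accepts any well-formed frame, whereas the MAC rejects a frame from a sender who lacks the key; a deployed design would also need message freshness, which this sketch leaves out.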
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 15 Jul 2025 05:40:13 +0000