The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on July 10, warning about a vulnerability in the key train system that could allow hackers to send brake control commands remotely and cause significant disruption. The vulnerability was first reported in 2012.

According to CISA’s report, the vulnerability, designated CVE-2025-1727, affected all versions of the End-of-Train (EoT) and Head-of-Train (HoT) remote linking protocol, allowing malicious actors to manipulate trains’ brake systems using radio transmissions.

“The protocol used for remote linking over RF for End-of-Train and Head-of-Train (also known as a FRED) relies on a BCH checksum for packet creation,” states the document. “ It is possible to create these EoT and HoT packets with a software-defined radio and issue brake control commands to the EoT device, disrupting operations or potentially overwhelming the brake systems.”

CISA explained that experts are currently working on mitigations and that the Association of American Railroads (AAR) is looking for new equipment to replace the traditional devices. The agency credited cybersecurity experts Neil Smith and Eric Reuter as the first to report the vulnerability.

According to The Register, Smith reported the issue to the U.S. government over 10 years ago, in 2012. The expert shared several posts on the social media platform X explaining more about the vulnerability, its risks, and how he discovered it.

“So, how bad is this? You could remotely take control over a Train’s brake controller from a very long distance away, using hardware that costs sub $500,” wrote Smith. “You could induce brake failure leading to derailments, or you could shut down the entire national railway system.”

Smith added that publicly acknowledging the vulnerability was intended to pressure the AAR into taking action. He also predicts that the brake systems will be replaced by 2027.

CISA’s advisory was issued just days after other transportation services worldwide were targeted by cyberattacks. The FBI recently warned about the international hacking group Scattered Spider targeting airlines and travelers.