CISA: US train braking system flaw threatens derailment

Attacks exploiting a high-severity flaw impacting U.S. train braking systems, tracked as CVE-2025-1727, were noted by the Cybersecurity and Infrastructure Security Agency to potentially result in sudden remote train stoppages that could ultimately lead to derailments, Cybersecurity Dive reports.

While new systems for sending end-of-train and head-of-train packets meant to replace the vulnerable instances are already being developed by the Association of American Railroads, such systems will only be ready for implementation by 2027, noted cybersecurity researcher Neil Smith, whose previous disclosure of the issue over a decade ago was disregarded by the AAR unless proven in real life applications. Acting CISA Executive Assistant Director for Cybersecurity Chris Butera acknowledged the rail sector's knowledge of the "technically significant" issue, which was noted to be challenging to exploit due to extensive protocol knowledge, specialized equipment, and physical rail line access requirements. Such a development comes amid the Transportation Security Administration's ongoing efforts to strengthen the rail industry's cybersecurity defenses.

