The US cybersecurity agency CISA has disclosed a vulnerability that can be exploited to manipulate or tamper with a train’s brakes. CISA last week published an advisory describing CVE-2025-1727, an issue affecting the remote linking protocol used by systems known as End-of-Train and Head-of-Train. An End-of-Train (EoT) device, also known as a Flashing Rear End Device (FRED), is placed at the end of a train, being designed to transmit data to a device in the locomotive named the Head-of-Train (Ho...