### Name of the Vulnerable Software and Affected Versions:

End-of-Train (EoT) and Head-of-Train (HoT) devices (affected versions not specified)

### Description:

A critical vulnerability exists in the remote linking protocol used for End-of-Train and Head-of-Train (also known as FRED) devices, which rely on a BCH checksum for packet creation. This allows for the creation of malicious packets with a software-defined radio to issue brake control commands to the EoT device, potentially disrupting operations or overwhelming the brake systems. A similar vulnerability was exploited in Europe in August 2023, causing train disruptions. The vulnerability has been known for approximately 20 years, with researchers raising concerns since 2012. The Association of American Railroads (AAR) plans to replace the outdated protocol with IEEE 802.16t Direct Peer-to-Peer (DPP), with implementation beginning in 2026. Successful exploitation could allow an attacker to send brake control commands to the end-of-train device.

### Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.