Lucene search
K

5 matches found

CNVD
CNVD
added 2025/09/16 12:0 a.m.3 views

Siemens Mobility Trainguard End-of-Train and Head-of-Train Weak Authentication Vulnerability

The Trainguard End-of-Train EOT is a new generation of end-of-train devices for connecting on-board telemetry.The Trainguard Head-of-Train HOT is a front-of-train device. These devices communicate using the S-9152 standard. A weak authentication vulnerability exists in Siemens Mobility Trainguard...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/08/01 12:0 a.m.7 views

The vulnerability of the BCH Handler component in the End-of-Train and Head-of-Train protocols allows a attacker to trigger a service failure.

The vulnerability of the BCH Handler component in the End-of-Train and Head-of-Train protocols relates to the bypassing of authentication processes. Exploiting this vulnerability can allow a malicious actor to cause service failures...

9.4CVSS8AI score0.0053EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2025/07/16 4:57 p.m.4 views

Hacking Trains

Seems like an old system system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device FRED, also known as an End-of-Train EOT device, is attached to the back of a train and sends...

7.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/07/10 10:59 p.m.3 views

CVE-2025-1727 End-of-Train and Head-of-Train Remote Linking Protocol Weak Authentication

The protocol used for remote linking over RF for End-of-Train and Head-of-Train also known as a FRED relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting...

8.1CVSS7.5AI score0.0053EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.5 views

PT-2025-29125

Name of the Vulnerable Software and Affected Versions End-of-Train EoT and Head-of-Train HoT devices affected versions not specified Description A critical vulnerability exists in the remote linking protocol used for End-of-Train EoT and Head-of-Train HoT devices, which rely on a BCH checksum for...

9.4CVSS8.8AI score0.0053EPSS
Exploits0References27
Rows per page
Query Builder