End-of-Train and Head-of-Train Remote Linking Protocol (Update C)

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train device, causing a sudden stoppage of the train which may lead to a disruption of operations, or induce brake failure.

CVEs (1)

Remediations

• The Association of American Railroads (AAR) is pursuing new equipment and protocols which should replace traditional End-of-Train and Head-of-Train devices. The standards committees involved in these updates are aware of the vulnerability and are investigating mitigating solutions.
• The AAR Railroad Electronics Standards Committee (RESC) maintains this protocol which is used by multiple manufacturers across the industry.
• Known affected vendors are:
• Wabtec
• Siemens
• DPS Electronics
• Users of EoT/HoT devices are recommended to contact their own device manufacturers with questions.
• Wabtec directs users to visit their cybersecurity page for additional information.
• Siemens advises users of Trainguard devices to reference the associated security bulletin.

Affected Vendors

Affected Products (11)

Affected Sectors

Transportation Systems