CNNVD-202507-1569 Information

Jul 10, 2025 cve

CNNVD ID

CNNVD-202507-1569

CVE-2025-1727

CNNVD Published: 2025-07-10

Description (Chinese)

AAR End-of-Train and Head-of-Train remote linking protocol是美国AAR公司的一个火车控制协议。 AAR End-of-Train and Head-of-Train remote linking protocol存在安全漏洞，该漏洞源于远程链接协议依赖BCH校验和，可能导致制动控制命令被恶意执行。

Description (English)

AAR End-of-Train and Head-of-Train remote lling protocol is a train control agreement between AAR and AAR. AAR End-of-Train and Head-of-Train remote lling protocol has a security loophole, which stems from the reliance of the remote link protocol on BCH verification and concoction, which may lead to the malicious execution of brake control orders.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

AAR

Published

2025-07-10

Last Modified

2026-02-24

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-10 https://access.redhat.com/security/cve/cve-2025-1727 https://nvd.nist.gov/vuln/detail/CVE-2025-1727

Share on: