Connected devices form the operational backbone of almost every organization, especially in the IT sector.
That said, most devices are highly vulnerable to attacks capable of running organizations out of business.
Forescout, since 2020, has been monitoring the riskiest devices in organizational networks leveraging data sourced directly from their multifactor risk scoring tool. Their latest report, “The Riskiest Connected Devices of 2025″, points out routers as the riskiest devices bearing the most critical vulnerabilities.
Additionally, 12 new device types appeared in the list making it the largest year-over-year. This data speaks volume of attacker’s relentless pursuit of exploiting weaknesses in new device classes.
Routers contain the most critical vulnerabilities
As mentioned earlier, routers lead the chart of most devices with critical vulnerabilities. From the report, computers have the highest number of vulnerabilities but most aren’t necessarily dangerous.
The little vulnerabilities found in routers are often detrimental.
Devices such as wireless routers/access points, VOIP, servers, pump controllers, medication dispensing systems, printers, firewalls, and healthcare stations appeared in the chart with lower percentages except for wireless routers/access points – third on the critical vulnerability list after computers.
Device risk by industry and country
The retail sector has the highest average device risk in 2025 followed by financial services, government, healthcare and manufacturing.
The overall average risk score between these industries skyrocketed from 2024’s average of 7.73 to 8.98. – That’s a 15% increase.
With distribution by country, the top five include Spain, China, the UK, Qatar and Singapore. These countries appear to have the riskiest devices in any industry you can think of.
Trend usage of telnet over SSH
Interestingly, the report revealed a shift in every industry from SSH usage, which is secured by the way, to Telnet considered weak and without encryption.
The majority of this trend was observed in government networks – growing from 2% to 10% of devices – which correlates with the rise in embedded operating systems adoption by governments.
Also, the use of SMB (Server Message Block) increased in financial services and government sectors, while it declined in other industries.
RDP (Remote Desktop Protocol) usage rose in financial services, healthcare, and manufacturing, but saw a decrease in government and retail sectors.
Telnet and SSH (Secure Shell) are now most commonly used in government while SMBs and RDPs continue to be predominant in the financial services industry.
Mitigation strategies
Forecourt advises organizations to:
• Use automated, proactive controls that extend across the entire enterprise and accelerate response
• Avoid depending solely on security agents
• Ensure continuous risk reduction across all interconnected systems
• Upgrade from Windows 10 to Windows 11 for regular security support.
About Author
