Shane

The Riskiest Connected Devices of 2025: What You Need to Know

Mapping Risk Across Connected Devices: Insights from Forescout Research


In today’s hyperconnected world, understanding device security vulnerabilities has never been more critical. The latest Forescout Research – Vedere Labs report on “The Riskiest Connected Devices in 2025” provides crucial insights into the current state of device security across various industries and regions. This comprehensive analysis examines millions of devices to identify those that pose the greatest cybersecurity risks to organizations.

  Key Findings

The report reveals a significant 15% increase in overall device risk compared to 2024, highlighting the escalating cybersecurity threats facing organizations worldwide. Perhaps most notably, network equipment – particularly routers – has overtaken endpoints as the riskiest category of IT devices. This shift demonstrates how threat actors are adapting their strategies, focusing more on network infrastructure as entry points.

  The Riskiest Devices of 2025

Forescout’s report identifies the five riskiest device types across four major categories:

Information Technology (IT)

  1. Application Delivery Controllers (ADCs)
  2. Firewalls
  3. Routers
  4. Intelligent Platform Management Interface (IPMI)
  5. Domain Controllers

Internet of Things (IoT)

  1. Network Video Recorders (NVRs)
  2. Voice over IP (VoIP) Systems
  3. IP Cameras
  4. Network Attached Storage (NAS) Systems
  5. Point of Sale (PoS) Devices

Operational Technology (OT)

  1. Universal Gateways
  2. Building Management Systems (BMSs)
  3. Historians
  4. Physical Access Control Systems
  5. Uninterruptible Power Supplies (UPS)

Internet of Medical Things (IoMT)

  1. Picture Archiving and Communication Systems (PACS)
  2. Imaging Devices
  3. Lab Equipment
  4. Healthcare Workstations
  5. Infusion Pump Controllers

Remarkably, of the 20 riskiest device types identified in 2025, only eight were also featured in the 2024 report. This represents the largest year-over-year change observed to date, underscoring attackers’ growing interest in targeting emerging device types.


(Riskiest Devices – Source: Forescout Research Vedere Labs)

  Risk by Industry

The retail sector currently faces the highest average device risk, followed by financial services, government, healthcare, and manufacturing. What’s particularly concerning is that the gap in risk scores between industries has narrowed significantly, with an overall average risk score of 8.98 (on a scale of 1-10). This represents a 15% increase from 2024’s average of 7.73, emphasizing the growing cybersecurity threat across all sectors.

(Industries With the Highest Average Device Risk – Source: Forescout Research Vedere Labs)

  Operating Systems

While traditional IT operating systems (Windows, Linux, macOS, and UNIX) remain dominant across all industries, the report identifies some concerning trends:

  • Special-purpose operating systems (embedded firmware and networking OSes) are now more prevalent than mobile operating systems across all industries
  • The highest concentrations of these specialized OSes are in healthcare (16%), government (14%), and manufacturing (12%)
  • Legacy Windows versions remain most common in government (2.7%), healthcare (2.2%), and manufacturing (1.8%)
  • More than 50% of non-legacy Windows devices across all industries still run Windows 10, which reaches end-of-support in October 2025
  • Retail and healthcare have the highest proportions of Windows 10 devices, with around 75% of their non-legacy Windows systems running this soon-to-be-outdated OS


  Open Ports

The report analyzes open ports for four commonly exploited protocols: Server Message Block (SMB), Remote Desktop Protocol (RDP), Secure Shell (SSH), and Telnet. Some key findings include:

  • SMB remains the most widely used protocol across all industries
  • Concerningly, encrypted SSH use has declined while unencrypted Telnet use has increased across every industry
  • Government saw the largest growth in Telnet usage, rising from 2% to 10% of devices
  • Telnet and SSH are now most prevalent in government networks
  • SMB and RDP are most prevalent in financial services

  Vulnerabilities

When analyzing device vulnerabilities, the report makes a crucial distinction between total vulnerabilities and the most dangerous ones (those with critical severity and extreme exploitability). While computers have the highest total number of vulnerabilities, routers account for over 50% of the most critical vulnerabilities in organizational networks.

Several IoMT devices – including pump controllers, medication dispensing systems, and healthcare workstations – appear among the devices with the most dangerous vulnerabilities, highlighting the increasing cybersecurity risks in healthcare environments.

 How CinchOps Can Help Secure Your Business

As the Forescout report clearly demonstrates, today’s cybersecurity challenges require a comprehensive approach that spans IT, IoT, OT, and IoMT devices. At CinchOps, we specialize in providing integrated security solutions that address these complex needs:

  1. Comprehensive Visibility: Our advanced network monitoring tools provide complete visibility across your entire device ecosystem, identifying all connected devices regardless of type or category.
  2. Risk Assessment and Prioritization: We help you identify and prioritize the most vulnerable devices in your network, focusing on those with the most critical security flaws.
  3. Multi-Factor Authentication: We implement robust authentication measures to protect critical systems, especially those with administrative access.
  4. Network Segmentation: Our experts design and implement effective network segmentation strategies to limit lateral movement and contain potential breaches.
  5. Continuous Monitoring and Response: We provide 24/7 monitoring and rapid response capabilities to detect and address threats before they can cause significant damage.
  6. Legacy System Protection: We develop specialized security measures for legacy systems that cannot be easily updated or replaced.
  7. OS Migration Planning: With Windows 10 reaching end-of-support in 2025, we help organizations plan and execute smooth transitions to supported operating systems.
  8. Secure Remote Access: We implement encrypted remote access solutions to replace vulnerable protocols like Telnet.
  9. Vulnerability Management: Our systematic approach identifies, prioritizes, and remediates vulnerabilities across your entire device ecosystem.
  10. Compliance Management: We ensure your organization meets relevant industry regulations and security standards.

Don’t wait until a breach occurs to address these critical security challenges. Contact CinchOps today to schedule a comprehensive security assessment and learn how our tailored solutions can protect your business from evolving cybersecurity threats.


For Additional Information on this topic, check out: Forescout Announces Riskiest Connected Devices of 2025
