Rough Around the Edges: The State of OT/IoT Routers in the Software Supply Chain

Uncover Critical Vulnerabilities in OT/IoT Routers

As cyber threats continue to evolve, understanding the vulnerabilities in your connected devices is more critical than ever. Finite State, in collaboration with Forescout Technologies, presents "Rough Around the Edges," an in-depth report analyzing the state of software supply chains in OT/IoT routers.


Key Findings:

  • Outdated Software Components: Many routers use software components that are over four years old, significantly increasing security risks.
  • Prevalence of Known Vulnerabilities: On average, each firmware image contains 161 known vulnerabilities, with 24 rated as critical.
  • Security Gaps: A significant lack of binary protection mechanisms was observed across devices, underscoring the need for improved security practices.

Why This Report Matters:

OT and IoT routers are essential for connecting critical devices across various environments such as electrical substations, oil and gas fields, and healthcare facilities. However, these routers are frequently targeted by cybercriminals, nation-state actors, and hacktivists. This report highlights the urgent need for enhanced software supply chain security to protect these vital infrastructures.


What You’ll Learn:

  • Detailed Analysis: Explore the vulnerabilities identified in OT/IoT routers, including risks posed by outdated software components, lack of binary hardening, and custom patching issues.
  • Software Supply Chain Insights: Understand the challenges associated with supply-chain vulnerabilities in router firmware and how attackers exploit these weaknesses.
  • Security Improvement Strategies: Discover practical strategies for securing OT and IoT routers, such as patch management, leveraging Software Bill of Materials (SBOM) solutions, and enhancing authentication practices.

Download the Report

Equip your organization with the knowledge and tools to better protect your OT/IoT infrastructure. Gain deep insights into the vulnerabilities affecting your devices and learn how to proactively address these risks.

Download the Report