Thursday, May 8, 2025
HomeCyber AttackHackers Exploit Router Flaws in Ongoing Attacks on Enterprise Networks

Hackers Exploit Router Flaws in Ongoing Attacks on Enterprise Networks

Published on

SIEM as a Service

Follow Us on Google News

Enterprises are facing heightened cyber threats as attackers increasingly target network infrastructure, particularly routers, following a trend noted in Forescout Research Vedere Labs’ 2025 report on the riskiest connected devices.

The Forescout report reveals a significant shift in the cybersecurity landscape, where routers have now surpassed traditional endpoints as the primary target for cyberattacks.

This change comes due to the inherent exposure of these devices at network perimeters and the availability of high-severity vulnerabilities that are exploited rapidly through large-scale campaigns.

- Advertisement - Google News

Emerging Device Threats

This year’s report highlights a notable increase in risk, with 12 new device types making their debut on the list of most vulnerable devices, marking the largest year-over-year change observed to date.

These include Application Delivery Controllers (ADCs), firewalls, and IPMI devices, which are critical for out-of-band server management but are fraught with vulnerabilities, some of which have public exploits.

Among the most vulnerable devices are routers, which now account for over 50% of the devices with critical vulnerabilities.

This has made them prime targets for exploitation, with attacks often beginning through these gateways into the broader enterprise network.

The retail sector has emerged with the riskiest devices on average, followed by financial services, government, healthcare, and manufacturing.

A clear trend noted is the narrowing gap in risk scores between different sectors, indicating a universal rise in device vulnerability across all industries.

Key Security Challenges

The widespread use of legacy Windows versions, particularly in government and healthcare sectors, continues to pose substantial risks. ‘

Moreover, the use of unencrypted Telnet has surged, replacing the more secure SSH, especially within government networks.

This shift towards less secure protocol usage is a concerning security trend that exposes devices to a higher risk of unauthorized access.

Security professionals are urged to adopt a holistic security strategy that covers IT, IoT, OT, and IoMT devices.

The report stresses the importance of not just identifying vulnerabilities but also actively managing and mitigating risks across these varied device ecosystems.

Traditional endpoint-focused security measures are now insufficient; instead, there should be an emphasis on comprehensive, automated security controls that do not rely solely on endpoint agents.

As the cyberattack landscape evolves, the focus on network equipment, especially routers, as entry points for attacks underscores the need for enterprises to strengthen security measures at the network level.

Continuous vigilance and adaptive security frameworks are crucial in countering these evolving threats effectively.

Find this News Interesting! Follow us on Google NewsLinkedIn, & X to Get Instant Updates!

Aman Mishra
Aman Mishra
Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Latest articles

Critical Vulnerability in Ubiquiti UniFi Protect Camera Allows Remote Code Execution by Attackers

Critical security vulnerabilities in Ubiquiti’s UniFi Protect surveillance ecosystem-one rated the maximum severity score...

IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers

A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux,...

Cisco IOS Software SISF Vulnerability Could Enable Attackers to Launch DoS Attacks

Cisco has released security updates addressing a critical vulnerability in the Switch Integrated Security...

Seamless AI Communication: Microsoft Azure Adopts Google’s A2A Protocol

Microsoft has announced its support for the Agent2Agent (A2A) protocol, an open standard developed...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Critical Vulnerability in Ubiquiti UniFi Protect Camera Allows Remote Code Execution by Attackers

Critical security vulnerabilities in Ubiquiti’s UniFi Protect surveillance ecosystem-one rated the maximum severity score...

IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers

A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux,...

Cisco IOS Software SISF Vulnerability Could Enable Attackers to Launch DoS Attacks

Cisco has released security updates addressing a critical vulnerability in the Switch Integrated Security...