Forescout Report Highlights Routers, Serial‑to‑IP Converters, and Workstations as Top‑Risk Devices in 2026
What Happened — Forescout’s 2026 “Riskiest Devices” research identified 20 asset types across IT, IoT, OT, and IoMT that are most frequently compromised. Routers remain the highest‑risk IT asset, while serial‑to‑IP converters and workstations have entered the top‑five for the first time.
Why It Matters for TPRM —
- Asset inventories that omit these high‑risk devices leave third‑party environments exposed to exploitation.
- Vulnerability density (average 32 CVEs per router/switch) creates a persistent attack surface that suppliers may inherit.
- Financial services, government, and healthcare show the greatest average device risk, indicating higher downstream supply‑chain exposure.
Who Is Affected — Financial services, government, healthcare, retail, manufacturing, and any organization that relies on network‑level devices, OT controllers, or IoMT equipment.
Recommended Actions —
- Conduct a comprehensive inventory of all routers, serial‑to‑IP converters, workstations, and other listed asset types within your vendor ecosystem.
- Verify that vendors apply timely patches and firmware updates, especially for “special operating systems” (embedded firmware, networking OS).
- Prioritize security assessments for suppliers in financial services, government, and healthcare sectors.
Technical Notes — The risk stems from a combination of high vulnerability counts, legacy firmware, and weak patch‑management processes. No specific CVE is cited, but the average of 32 vulnerabilities per router/switch underscores the need for continuous vulnerability scanning and configuration hardening. Source: Help Net Security