Dive Brief:
- Network edge devices that have reached end-of-life status continue to pose a significant security risk in enterprise environments, according to a report released Monday by VulnCheck.
- More than four of every 10 vulnerabilities exploited during 2025 involved products that had reached end-of-life status or likely end-of-life status, according to VulnCheck. About two-thirds of the vulnerabilities linked to botnet activity involved devices that were no longer receiving active support from manufacturers.
- Consumer networking equipment, often found in homes and small businesses, accounted for more than half of the vulnerabilities found in edge devices, according to the report.
Dive Insight:
The report follows important concerns raised about the security of edge devices, which are frequently targeted by state-linked threat groups and are exposed to the open internet.
“These devices are internet-facing, widely deployed, and often poorly maintained,” Patrick Garrity, security researcher at VulnCheck, told Cybersecurity Dive. “Many network edge devices, especially consumer networking devices, remain in service for many years without firmware updates, making unsupported infrastructure a persistent attack surface.”
In early February, the Cybersecurity and Infrastructure Security Agency issued a directive for federal civilian agencies to mitigate aging devices by either patching flaws and updating software to the latest versions or replacing devices that were no longer receiving active support.
CISA required agencies to immediately update devices that were still under support and gave a 12-month deadline to decommission all devices that were on the agency’s end-of-service dates list. State-linked adversaries, including those tied to China and Russia, have been exploiting flaws in end-of-service devices for many years and using that access to gain entry into corporate and government environments.
As part of the research, VulnCheck examined more than 180 vulnerabilities that were known to have been exploited in 2025.
Among the findings, only about 25% of the edge device flaws that were exploited made it to the CISA Known Exploited Vulnerabilities catalog.