ALERT: Read an important update from Claroty on the global Microsoft outage linked to CrowdStrike
Read the blog
Claroty Toggle Search


State of XIoT Security: 1H 2022

Team82’s Analysis of Vulnerability Disclosures and Remediations Affecting the Extended Internet of Things.

View the Report

Team82 has revamped its biannual report to embrace an understanding of the vulnerabilities being disclosed and fixed within the Extended Internet of Things (XIoT). XIoT is the umbrella term for connected cyber-physical devices within industrial, healthcare, and commercial enterprise IoT environments.

This report is a reflection of the need to secure the cyber-physical systems that enable our ability to innovate and sustain our lives. We hope the State of XIoT Security report is a useful resource for you.

Interested in learning about Claroty's Cybersecurity Solutions?

XIoT Vulnerabilities Breakdown

While published operational technology vulnerabilities dominate Team82’s dataset for the 1H 2022, it’s important to note that the percentage of IoT vulnerabilities has almost doubled since our last report, especially impacting connected smart devices, routers and other networking gear, and cameras—all of which if compromised may afford an attacker deeper access to the enterprise network. 

Criticality and Impact

The vast majority of published XIoT vulnerabilities in the 1H 2022 were either critical or high severity.

Of those critical and high-severity vulnerabilities, many affect the availability of XIoT devices and enable code execution or denial-of-service attacks.

Let’s Talk About Firmware

Updating firmware presents challenges, yet with the rise in connected devices across industries, Team82’s dataset shows a spike in published firmware vulnerabilities, and marked improvement in remediations. More companies understand the need to secure connected OT, IoT, and IoMT devices, and firmware fixes are a big step forward.

Here you can see that for the 1H 2022, the number of published firmware vulnerabilities is almost on par with software vulnerabilities, a significant reversal from the 2H 2021 report when there was an almost 2-to-1 disparity between software and firmware vulnerabilities.

Steady Climb in IoT Vulnerabilities

Vulnerabilities in connected IoT devices—largely firmware issues—trail only Operations Management and Basic Control devices. Vulnerabilities in these products, which include Historian and OPC servers, as well as field devices, for example, are predominantly software-based.

Seconding Vendor Self-Disclosure 

For the first time, vendor self-disclosures have surpassed independent research groups and are now the second most prolific vulnerability reporters, trailing only third-party companies. This indicates more maturity among vendors in developing product safety and security organizations and diligence in reporting and fixing vulnerabilities.

Remediations and Mitigations

Team82’s 1H 2022 dataset indicates that vendors provided full or partial remediation for 91% of published vulnerabilities.

Breaking that down by software and firmware vulnerabilities, you can see the gains made in firmware fixes for the first half of the year compared to our last report.

Foundational Practices Must Be In Place

When a software patch or firmware update isn’t immediately available, basic security practices should be adhered to in order to blunt the impact of vulnerabilities. Here are the top mitigation steps from Team82’s 1H 2022 dataset.

At a Glance


The number of XIoT vulnerabilities disclosed by Team82


The number of published XIoT vulnerabilities disclosed industry-wide


The number of affected XIoT vendors.

View the Report

Please complete the form to view the Report.

LinkedIn Twitter YouTube Facebook