Claroty Releases Report on ICS Risk and Vulnerability

August 19, 2020 Perry Cohen

Claroty released its inaugural Biannual ICS Risk & Vulnerability Report. Per the report, over 70% of industrial control system (ICS) vulnerabilities disclosed in the first half (1H) of 2020 can be exploited remotely.

The report, which was conducted by the company’s research team, is comprised of assessments of 365 ICS vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) during 1H 2020, affecting 53 vendors.

“There is a heightened awareness of the risks posed by ICS vulnerabilities and a sharpened focus among researchers and vendors to identify and remediate these vulnerabilities as effectively and efficiently as possible,” said VP of research at Claroty Amir Preminger, in a press release. “We recognized the critical need to understand, evaluate, and report on the comprehensive ICS risk and vulnerability landscape to benefit the entire OT security community.

“Our findings show how important it is for organizations to protect remote access connections and internet-facing ICS devices, and to protect against phishing, spam, and ransomware, in order to minimize and mitigate the potential impacts of these threats.”

The research team discovered a total of 26 ICS vulnerabilities during 1H of 2020. This prioritizes critical or high-risk vulnerabilities that could ultimately affect the safety of industrial operations.

Per the report, the vulnerabilities could impact affected OT networks, as more than 60% enable some form of RCE.

For more information, visit

About the Author

Perry Cohen

Perry Cohen, associate editor for Embedded Computing Design, is responsible for web content editing and creation in addition to podcast production. He also assists with the publication’s social media efforts which include strategic posting, follower engagement, and social media analysis. Before joining the ECD editorial team, Perry has been published on both local and national news platforms including (Phoenix), (Phoenix),, Cronkite News, and MLB/MiLB among others. Perry received a BA in Journalism from the Walter Cronkite School of Journalism and Mass Communications at Arizona State university. He can be reached by email at <a href=""></a>. Follow Perry’s work and ECD content on his twitter account @pcohen21.

Follow on Twitter Follow on Linkedin More Content by Perry Cohen
Previous Article
Four Ways to Reduce Risk When Developing Software for Medical Devices

As medical devices become more complex, the need to ensure their security grows exponentially.

Next Article
Sierra Wireless Announces Availability of 5G module with mmWave support
Sierra Wireless Announces Availability of 5G module with mmWave support

Sierra Wireless announced the availability of its EM919x 5G NR Sub-6 GHz and mmWave embedded modules.