Researchers have discovered 21 vulnerabilities in a popular brand of industrial router.

On Dec. 7 at Black Hat Europe, analysts from Forescout will reveal the bugs — including one of 9.6 “Critical” severity on the CVSS scale, and nine “High” severity — affecting a brand of operational technology (OT)/Internet of Things (IoT) routers especially common in the medical and manufacturing sectors.

OT/IoT routers bridge the wider Internet with internal networks, via 3G and 4G cellular networks. They’re most often found in critical sectors such as transportation, government, and water treatment. Compromising these devices can enable lateral movement within networks, malware deployment, espionage, disruption of services, and much more.