Security researchers analyze popular remote access solutions used for industrial control systems. They found multiple vulnerabilities that could let unauthenticated attackers execute arbitrary code and breach the environment. The flaws are in virtual private network (VPN) implementations and adversaries could exploit them cause physical damage by connecting to field devices and programmable logic controllers (PLCs). Edge devices are a direct gate to ICS and key target areas. They are critical assets and attackers with access to them can view internal traffic and reach hosts on the network.
Source: https://www.bleepingcomputer.com/news/security/industrial-vpn-vulnerabilities-put-critical-infrastructure-at-risk/