I used to work for a company that made VPN routers for one of the largest pump producers. I wasn't aware of any vulnerabilities in our part of the solution. Which doesn't mean there weren't any of course.

Still there is a lot more there than a VPN router. Lots of software and likely plenty of bugs.