More common than you think
Worked in a crisp factory years ago as their Infrastructure guy.
The lab wanted a new microscope for QA which has an ethernet port and some "server" software to run on the client PC.
One unique requirement was that QA wanted the output text files - which were stored locally by default - to be sucked up by the ERP system.
Salesman assure the buyer that we can just SMB into it and pickup the file. He hinted that it was just Windows underneath too.
So I had a look about how to secure the SMB share or to see if I could have a script on it which uploaded the output file to our ERP inbound file share, and peeked under the hood.
It was running Windows 95, had no security at all and amazingly also had a telnet server running on it without any authentication at all.
This was in 2012, and the microscope cost many tens of thousands of pounds.
When QA said they were thinking of buying more of them I tried to raise objections, which obviously fell on deaf ears.
In the end I put them on their own VLAN and firewalled them off. Best I could do without "invalidating the warranty".