apt is a package manager. It's only relevant if the system uses it to manage it's packages. Red Hat based distributions, for example, don't use apt. Embedded devices typically don't manage packages on an individual basis, rather updating the entire distribution via "firmware updates".

Could you elaborate on how lacking apt is a security issue?