The Internet of Things (IoT) is the next era of communication networks. The concept of IoT is that everything within the global communication network is interconnected and accessible. IoT has various applications, including Industry 4.0, and upcoming and existing IoT applications are highly promising for enhancing the level of automation, efficiency, and comfort for users. However, to a certain extent, there are numerous challenges in deploying IoT devices in Industry 4.0; for example, IoT devices are assumed to have inadequate resources to support security solutions. Therefore, in order to protect the communication environment, an efficient and lightweight security solution is needed. Recently, on the basis of a hierarchical approach, Garg et al. presented a lightweight, robust key agreement and provably secure authentication protocol for the IoT environment. Their protocol relies on lightweight operations, including the XOR operation, concatenation, a hash function, a physically unclonable function (PUF), and elliptic curve cryptography. However, in this comment, we point out the security loopholes of Garg et al.'s protocol and show that it is vulnerable to the IoT-node impersonation attack. Moreover, it has irrelevant generation and usage of some parameters. Therefore, we put forward some valuable suggestions for attack resilience.