Sep 03, 2019 | Radiflow team
By Dor Cohen, Senior Cyber Security Researcher
On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.
BadPackets analyzed the number of Pulse Secure VPN endpoints vulnerable to the CVE-2019-11510. Using the online scanning service BinaryEdge the researchers found 41,850 Pulse Secure VPN endpoints exposed online, 14,528 of them vulnerable to CVE-2019-11510.
Most of the vulnerable hosts were in the U.S., followed by Japan and the U.K.
| Country | Count of Vulnerable Hosts |
| United States | 5,010 |
| Japan | 1,511 |
| United Kingdom | 830 |
| Germany | 789 |
| France | 626 |
| Netherlands | 420 |
| Israel | 406 |
| Switzerland | 307 |
| Canada | 296 |
| South Korea | 281 |
| All Other Countries | 4,052 |
The researchers also analyzed the distribution of the vulnerable hosts by industry and discovered that the flaw affects hosts in:
BadPackers did not disclose the list of affected organizations to avoid that threat actors will target them.
[inject id=’code-47fd23f73a9caecab1e206306adae7f9′]
BadPackets analyzed the number of Pulse Secure VPN endpoints vulnerable to the CVE-2019-11510. Using the online scanning service BinaryEdge the researchers found 41,850 Pulse Secure VPN endpoints exposed online, 14,528 of them vulnerable to CVE-2019-11510.
