The Radiflow Security Blog
Bad Packets warns of over 14,500 Pulse Secure VPN Endpoints vulnerable to CVE-2019-11510
September 3, 2019
By Dor Cohen, Senior Cyber Security Researcher
On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.
BadPackets analyzed the number of Pulse Secure VPN endpoints vulnerable to the CVE-2019-11510. Using the online scanning service BinaryEdge the researchers found 41,850 Pulse Secure VPN endpoints exposed online, 14,528 of them vulnerable to CVE-2019-11510.
Most of the vulnerable hosts were in the U.S., followed by Japan and the U.K.
Country | Count of Vulnerable Hosts |
United States | 5,010 |
Japan | 1,511 |
United Kingdom | 830 |
Germany | 789 |
France | 626 |
Netherlands | 420 |
Israel | 406 |
Switzerland | 307 |
Canada | 296 |
South Korea | 281 |
All Other Countries | 4,052 |
The researchers also analyzed the distribution of the vulnerable hosts by industry and discovered that the flaw affects hosts in:
- Electric utilities
- U.S. military, federal, state, and local government agencies
- Public universities and schools
- Hospitals and health care providers
- Major financial institutions
- Numerous Fortune 500 companies
BadPackers did not disclose the list of affected organizations to avoid that threat actors will target them.