The Radiflow Security Blog
On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510.
BadPackets analyzed the number of Pulse Secure VPN endpoints vulnerable to the CVE-2019-11510. Using the online scanning service BinaryEdge the researchers found 41,850 Pulse Secure VPN endpoints exposed online, 14,528 of them vulnerable to CVE-2019-11510.
Most of the vulnerable hosts were in the U.S., followed by Japan and the U.K.
|Country||Count of Vulnerable Hosts|
|All Other Countries||4,052|
The researchers also analyzed the distribution of the vulnerable hosts by industry and discovered that the flaw affects hosts in:
- Electric utilities
- U.S. military, federal, state, and local government agencies
- Public universities and schools
- Hospitals and health care providers
- Major financial institutions
- Numerous Fortune 500 companies
BadPackers did not disclose the list of affected organizations to avoid that threat actors will target them.