BlueKeep Still Affecting Thousands Of Windows Machines With RDP Bug

BlueKeep Vulnerability has affected Windows in recent years and more than 245,000 Windows machines are still vulnerable to attacks.

It was first disclosed half a year ago. However, Jan Kapriva has suggested that hundreds of thousands of Windows machines are still vulnerable to this bug. Although there’s a significant decline in the number of BlueKeep-affected machines accessible from the internet still there are 240,000 machines that could be vulnerable.

“Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems,” he added. “And since any of these might potentially come back to haunt us one day, this would seem to be a question worth asking.”

Kopriva discovered the number of vulnerable machines by scanning Shodan search engines for devices. They were discovered before 2020.

According to Kopriva, There are still millions of machines that administrators have failed to patch and are still vulnerable to remote exploitations including, IIS servers, Exim email, OpenSSL, and WordPress websites.

CVE PRODUCT UNPATCHED SYSTEMS CVSSv3
CVE-2019-0211 Apache webserver 3,357,835 7.8
CVE-2019-12525 Squid 1,219,716 9.8
CVE-2015-1635 Microsoft IIS 374,113 10
CVE-2019-13917 Exim 268,409 9.8
CVE-2019-10149 (Return of the WIZard) Exim 264,655 9.8
CVE-2019-0708 (BlueKeep) Windows RDP 246,869 9.8
CVE-2014-0160 (Heartbleed) OpenSSL 204,878 7.5
CVE-2020-0796 (SMBGhost) Windows SMB 103,000 10
CVE-2019-9787 WordPress 83,951 8.8
CVE-2019-12815 ProFTPD 80,434 9.8
CVE-2018-6789 Exim 76,344 9.8

“Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems,” Kopriva also adds.

Back to top button
Close