BlueKeep Vulnerability has affected Windows in recent years and more than 245,000 Windows machines are still vulnerable to attacks.
It was first disclosed half a year ago. However, Jan Kapriva has suggested that hundreds of thousands of Windows machines are still vulnerable to this bug. Although there’s a significant decline in the number of BlueKeep-affected machines accessible from the internet still there are 240,000 machines that could be vulnerable.
“Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems,” he added. “And since any of these might potentially come back to haunt us one day, this would seem to be a question worth asking.”
Kopriva discovered the number of vulnerable machines by scanning Shodan search engines for devices. They were discovered before 2020.
According to Kopriva, There are still millions of machines that administrators have failed to patch and are still vulnerable to remote exploitations including, IIS servers, Exim email, OpenSSL, and WordPress websites.
| CVE | PRODUCT | UNPATCHED SYSTEMS | CVSSv3 |
|---|---|---|---|
| CVE-2019-0211 | Apache webserver | 3,357,835 | 7.8 |
| CVE-2019-12525 | Squid | 1,219,716 | 9.8 |
| CVE-2015-1635 | Microsoft IIS | 374,113 | 10 |
| CVE-2019-13917 | Exim | 268,409 | 9.8 |
| CVE-2019-10149 (Return of the WIZard) | Exim | 264,655 | 9.8 |
| CVE-2019-0708 (BlueKeep) | Windows RDP | 246,869 | 9.8 |
| CVE-2014-0160 (Heartbleed) | OpenSSL | 204,878 | 7.5 |
| CVE-2020-0796 (SMBGhost) | Windows SMB | 103,000 | 10 |
| CVE-2019-9787 | WordPress | 83,951 | 8.8 |
| CVE-2019-12815 | ProFTPD | 80,434 | 9.8 |
| CVE-2018-6789 | Exim | 76,344 | 9.8 |
“Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems,” Kopriva also adds.
