EDIT 8/5/2019: Wrong CVE - CVE-2019-0709 was mentioned instead of CVE-2019-0708…
We’ve all read about the hundereds of thousands of machines affected by BlueKeep connected to the internet, but where are they hiding? With the help of Shodan, we can try to figure it out.
At the time of writing, Shodan returns 667243 results for CVE-2019-0708. In the leading place is China with 291686 results, followed by United States (88625 results), Korea (26578 results), Brazil (23756 results) and Russia (22682).
Top 49 countries are each the home of more than 1000 vulnerable servers (the Czech Republic has 2327 results and is in 29th place) and each of the top 97 countries has at least 100 detections.
For those of you who would like to take a look at all the countries (though it is possible I missed some of them) where there was at least one vulnerable machine, you may take a look at the following chart.