More than 9,000 VNC endpoints exposed online without a password

According to security weakness hunters at Cyble, over 9,000 exposed VNC (virtual network computing) endpoints are exposed on the internet without authentication.

VNC (virtual network computing) is a platform-independent system that can help users connect to systems that require monitoring and adjustments.

VNC grants users control over a remote computer via the RFB (remote frame buffer protocol) over a network connection.

According to the researchers, the most exposed endpoints are in China and Sweden. Other countries that made it to the top 5 list are the United States, Spain and Brazil. Most attempts to access VNC servers came from the Netherlands, Russia and the United States.

These vulnerable endpoints could serve as entry points for unauthorized users, including threat actors with malicious targets.

Exposed VNCs are widely targeted by attackers. Using its cyber intelligence tools on 5909, Cyble researchers discover that there were over six million requests within a month.

To protect VNC, administrators are advised never to expose servers directly to the internet. If they need to be remotely accessible, they must be placed behind a VPN.

Administrators should also provide instances with a password to restrict access to the VNC servers.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web