While the number of targets is limited to Windows and Windows Server installations with the Windows message queuing service enabled, exploitation is considered easy, hence the high CVSS score. And as you can see in the Shodan scan below, there are about a million servers listening on the ports associated with MSMQ, with roughly half of them in the US.