Emergency Security Bulletin: Multiple Vulnerabilities Affecting Ivanti Sentry

OS Command Injection Vulnerability
in Ivanti Sentry

Identifier: CVE-2026-10520
PoC or Exploitation:
At the time of disclosure, Ivanti stated it was not aware of any customers being exploited. However, public proof-of-concept and exploit reproduction material have been released by security researchers.
CVSS Score: 10.0 (Critical, CVSS v3.1)

Update / Patch:
Ivanti has released security updates addressing this vulnerability.

Affected versions include:

• Ivanti Sentry 10.7.0 and below
• Ivanti Sentry 10.6.1 and below
• Ivanti Sentry 10.5.1 and below

Fixed versions include:

• Ivanti Sentry 10.7.1
• Ivanti Sentry 10.6.2
• Ivanti Sentry 10.5.2

Vendor advisory and patch guidance:
https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523

Description:
CVE-2026-10520 is a critical OS command injection vulnerability affecting Ivanti Sentry.

The flaw allows an unauthenticated remote attacker to inject operating system commands that execute with root privileges on vulnerable Ivanti Sentry appliances.

Successful exploitation may result in complete compromise of the affected appliance, allowing attackers to execute arbitrary commands, establish persistence, access sensitive data, modify configurations, disrupt services, and potentially leverage the appliance as a foothold for further attacks within the environment.

Mitigation Recommendation:
Immediately upgrade affected Ivanti Sentry deployments to a fixed version.

Prioritize remediation of internet-accessible Ivanti Sentry appliances.

Review appliance logs, authentication records, and administrative activity for signs of unauthorized access or command execution.

Monitor for suspicious processes, configuration modifications, and unexpected outbound network connections originating from Ivanti Sentry systems.

Restrict administrative access to trusted management networks and authorized personnel.

Authentication Bypass Vulnerability in Ivanti Sentry

Identifier: CVE-2026-10523
PoC or Exploitation:
At the time of disclosure, Ivanti stated it was not aware of any customers being exploited. However, public proof-of-concept and reproduction material have been released by security researchers.
CVSS Score: 9.9 (Critical, CVSS v3.1)

Update / Patch:
Ivanti has released security updates addressing this vulnerability.

Affected versions include:

• Ivanti Sentry before R10.5.2
• Ivanti Sentry before R10.6.2
• Ivanti Sentry before R10.7.1

Fixed versions include:

• Ivanti Sentry R10.5.2
• Ivanti Sentry R10.6.2
• Ivanti Sentry R10.7.1

Vendor advisory and patch guidance:
https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523

Description:
CVE-2026-10523 is a critical authentication bypass vulnerability affecting Ivanti Sentry.

The flaw allows a remote unauthenticated attacker to bypass authentication controls and gain elevated access to the affected appliance.

Successful exploitation may allow an attacker to create arbitrary administrative accounts and obtain full administrative access to the Ivanti Sentry system.

Mitigation Recommendation:
Immediately upgrade affected Ivanti Sentry deployments to a fixed version.

Prioritize remediation of internet-accessible Ivanti Sentry appliances.

Review administrative accounts and access control configurations for unauthorized account creation or privilege changes.

Audit authentication logs and administrative activity for suspicious or unexpected access events.

Monitor for configuration modifications, unauthorized system changes, and anomalous management activity.

Restrict management access to trusted administrative networks and authorized personnel only.