{"id":8451,"date":"2026-06-10T20:13:17","date_gmt":"2026-06-10T20:13:17","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=8451"},"modified":"2026-06-10T20:13:17","modified_gmt":"2026-06-10T20:13:17","slug":"ivanti-patches-critical-sentry-flaws-that-lead-to-full-device-takeover","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=8451","title":{"rendered":"Ivanti patches critical Sentry flaws that lead to full device takeover"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>IT software provider Ivanti fixed two vulnerabilities in Ivanti Sentry, a secure mobile gateway appliance formerly called MobileIron Sentry. <a href=\"https:\/\/hub.ivanti.com\/s\/article\/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US\">The flaws<\/a> could allow unauthenticated remote attackers to gain complete control of deployments.<\/p>\n<p>One of the vulnerabilities, CVE-2026-10523, credited to researcher Bryan Lam, allows attackers to bypass authentication and create arbitrary administrative accounts on appliances. The flaw is rated with a severity of 9.9 out of 10 on the CVSS scale.<\/p>\n<p>The second flaw, CVE-2026-10520, is a command injection issue that can lead to remote code execution with root privileges on the underlying OS. Because the vulnerability can be exploited remotely without authentication, it is rated with the maximum CVSS severity score of 10.<\/p>\n<p>Ivanti Sentry is an in-line gateway that manages, encrypts, and secures traffic between mobile devices and back-end enterprise servers such as Microsoft Exchange. It works together with Ivanti Endpoint Manager Mobile (EPMM) to enforce access restrictions and device verification. 
As such, the appliance is typically deployed at the enterprise network edge and is accessible from the internet.<\/p>\n<p>Both vulnerabilities were reported privately through Ivanti\u2019s responsible disclosure program, and the company is not aware of public exploitation at this time. But attackers, including <a href=\"https:\/\/www.csoonline.com\/article\/4135776\/attackers-exploit-ivanti-epmm-zero-days-to-seize-control-of-mdm-servers.html\">state-sponsored cyberespionage groups<\/a>, have <a href=\"https:\/\/www.csoonline.com\/article\/4135776\/attackers-exploit-ivanti-epmm-zero-days-to-seize-control-of-mdm-servers.html\">exploited vulnerabilities in Ivanti products<\/a> and network-edge appliances many times in the past.<\/p>\n<p>Furthermore, researchers from security firm watchTowr have posted <a href=\"https:\/\/labs.watchtowr.com\/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520\/\">a detailed analysis<\/a> of CVE-2026-10520, and the exploit is trivial to execute. The researchers <a href=\"https:\/\/github.com\/watchtowrlabs\/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523\">released a Python script<\/a> that enables organizations to test whether their deployments are vulnerable.<\/p>\n<p>Ivanti Sentry customers are advised to upgrade their deployments to versions 10.5.2, 10.6.2, or 10.7.1 as soon as possible.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>IT software provider Ivanti fixed two vulnerabilities in Ivanti Sentry, a secure mobile gateway appliance formerly called MobileIron Sentry. The flaws could allow unauthenticated remote attackers to gain complete control of deployments. One of the vulnerabilities, CVE-2026-10523, credited to researcher Bryan Lam, allows attackers to bypass authentication and create arbitrary administrative accounts on appliances. 
The [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":8452,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-8451","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8451"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8451"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8451\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/8452"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}