AI description
CVE-2026-10520 is an operating system command injection vulnerability affecting Ivanti Sentry, a mobile security gateway. This flaw allows a remote, unauthenticated attacker to achieve root-level remote code execution on affected systems. Specifically, the vulnerability is located within the `ConfigServiceController` class of the Sentry web application. It can be exploited by sending a specially crafted POST request to the unauthenticated endpoint `/mics/api/v2/sentry/mics-config/handleMessage`. This request is then interpreted as an internal MICS configuration command and executed by a backend component.
- Description: An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution.
- Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status: Analyzed
- Products: standalone_sentry
CVSS 3.1
- Type: Secondary
- Base score: 10
- Impact score: 6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
Data from CISA
- Vulnerability name: Ivanti Sentry OS Command Injection Vulnerability
- Exploit added on: Jun 11, 2026
- Exploit action due: Jun 14, 2026
- Required action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- CWE-78
🚨 CVE-2026-10520: Ivanti Sentry has an unauthenticated OS command injection. A remote attacker gets root. CVSS 10.0 CISA added it to the KEV catalog on June 11, 2026, which means it is being exploited now. #KEV #CVE https://t.co/myqxGuBf8P
@cloudkey_tech
12 Jun 2026
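Ivanti Sentry has a "maximum severity" RCE vulnerability. Code execution with root privileges is possible without authentication. [Vulnerability] Ivanti Sentry has an OS command injection, CVE-2026-10520 (maximum severity), and an authentication bypass, CVE-2026-10523 (Critical).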
@hasamayo1217
12 Jun 2026
Critical Vulnerabilities in Ivanti Sentry Allows Code Execution as Root (CVE-2026-10520 & CVE-2026-10523) https://t.co/YSpl6ZZukN The cause of the flaw has at the time of writing not been shared by the vendor. Introduction to Malware Binary Triage (IMBT) Course Looking to
@f1tym1
12 Jun 2026
🚨 Two critical zero-days in Ivanti Sentry and Oracle PeopleSoft are under active exploitation right now. Plus, a new BitLocker bypass (GreatXML) is public. What happened: Ivanti Sentry (CVE-2026-10520) and Oracle PeopleSoft (CVE-2026-35273) flaws are being actively exploited
@gh0st_V3ctbrv
12 Jun 2026
Ivanti Sentry CVE-2026-10520 (CVSS 10.0): unauthenticated root RCE, actively exploited same day as disclosure. 2 of 19 tracked instances backdoored within hours. Patch + audit admin accounts (CVE-2026-10523 creates backdoor). https://t.co/xdON1ajI8h #Cyber https://t.co/dIMmseYlWM
@securitydailyr
12 Jun 2026
CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release #SecurityAffairs (Jun 11) https://t.co/kh7KVcBJiq
@foxbook
12 Jun 2026
Critical Ivanti Sentry Alert (CVE-2026-10520, CVE-2026-10523): Two critical flaws enable unauthenticated attackers to bypass authentication and execute commands with root privileges. While exploitation hasn’t been observed in the wild, a public pro... https://t.co/U6VsatAWP9
@RedLegg
12 Jun 2026
Ivanti Sentry max-severity RCE Ivanti Sentry max-severity flaw is being exploited. CVE-2026-10520, CVSS 10 unauthenticated OS command injection -> root RCE. Public PoC is out; Shadowserver says many exposed gateways are already backdoored. Patch to R10.5.2 / R10.6.2 / R10.7.
@ElusivePrivacy
11 Jun 2026
CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release: Attackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat… https://t.co/DcfVFEOSRf
@shah_sheikh
11 Jun 2026
Intel Report [CRITICAL] - Two critical vulnerabilities have been reported in Ivanti Sentry mobile device management gateway: an OS command injection (CVE-2026-10520, reported CVSS 10.0) and an authentication bypass (CVE-2026-10523, reported CVSS 9.9).... https://t.co/fkUPMrhlqn
@EnigmaGlobalSW
11 Jun 2026
CVE-2026-10520 chains with CVE-2026-10523: auth bypass into OS command injection, root on your Ivanti Sentry gateway. No credentials needed. CVSS 10.0. WatchTowr PoC already public. Patch to R10.5.2 or later. Your perimeter is your attack surface. #CyberSecurity #CVE #Ivanti http
@SynScanNet
11 Jun 2026
🔒 #CyberSecurity CVE-2026-10520 & CVE-2026-10523: Ivanti Sentry Critical Vulnerabilities — Detec… "Two critical Ivanti Sentry vulnerabilities enable RCE—patch immediately to prevent mobile…" 🔗 https://t.co/ZVnASwjmem #CyberSecurity #ThreatIntel #cve #zeroday
@SecurityAr58409
11 Jun 2026
Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) #HelpNetSecurity (Jun 10) https://t.co/SxC9Typ3c3
@foxbook
11 Jun 2026
Attackers exploiting Ivanti Sentry vulnerabilities (CVE-2026-10520, CVE-2026-10523) can achieve root-level code execution and create rogue admin accounts. TRC analysis shows lateral movement from compromised gateway devices poses significant risk to internal corporate networks.
@aviatrixtrc
11 Jun 2026
# Ivanti Sentry Multi-CVE Exploitation Framework **Military-grade weaponized exploit for chaining authentication bypass + remote code execution on Ivanti Sentry access control systems.** CVE-2026-10523 CVE-2026-10520 **Capabilities**: - ✅ Multi-vector authentication bypass (7
@YogSoth0
10 Jun 2026
Ivanti Sentry’s CVE-2026-10520 Enables Root RCE https://t.co/jANcDNrIqZ Ivanti Sentry’s CVE-2026-10520 Enables Root RCE CVE-2026-10520 is a critical OS command injection vulnerability in Ivanti Sentry that can allow a remote, unauthenticated attacker to execute commands as
@f1tym1
10 Jun 2026
Ivanti releases patches for critical Sentry vulnerabilities https://t.co/1IKqrRFIG3 The vulnerabilities, tracked as CVE-2026-10520 and CVE-2026-10523, affect Ivanti Sentry, formerly MobileIron Sentry, which secures traffic between corporate systems and mobile devices.
@f1tym1
10 Jun 2026
Three critical RCEs worth dropping everything for this week: Ivanti Sentry, CVE-2026-10520 (CVSS 10): unauthenticated, root-level command injection. Public PoC is already out. Patch 10.5.2 / 10.6.2 / 10.7.1. Veeam Backup & Replication, CVE-2026-44963 (CVSS 9.4): any https:/
@PurpleOps_io
10 Jun 2026
GitHub - watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523 · GitHub - https://t.co/O2xfTBHCkV
@piedpiper1616
10 Jun 2026
Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520): Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the… https://t.co/V5QooeOlY
@shah_sheikh
10 Jun 2026
🚨 ALERT - Critical vulnerabilities in Ivanti Sentry ⚠️ Ivanti has published information regarding two critical vulnerabilities identified in the Ivanti Sentry product: CVE-2026-10520 and CVE-2026-10523. 👉 https://t.co/ztDLLeUO7o #DNSC #Alert #CyberSe
@DNSC_RO
10 Jun 2026
CVE-2026-10520 (CVSS 10.0) enables unauthenticated RCE as root on Ivanti Sentry via command injection. CVE-2026-10523 (CVSS 9.9) bypasses authentication to create admin accounts. Public PoC available — patch immediately to versions 10.7.1, 10.6. #DFIR_Radar https://t.co/5i5ze1
@DFIR_Radar
10 Jun 2026
Ivanti patched two critical Sentry flaws, including CVE-2026-10520, a max-severity command injection that could allow root code execution, and CVE-2026-10523, an auth bypass for rogue admin access. #Ivanti #Sentry #CVE202610520 https://t.co/ajFnF8yJmq
@TweetThreatNews
10 Jun 2026
Patch Tuesday ▼Microsoft June 2026 Security Updates (monthly) https://t.co/5usWYHVCRi ▼SAP SAP Security Patch Day - June 2026 https://t.co/XMsl5PhBI4 ▼Ivanti Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523) https:
@taku888infinity
10 Jun 2026
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ivanti:standalone_sentry:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C33107C3-2CB4-495C-ACB2-F1440ADAA2B0",
            "versionEndExcluding": "10.5.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:ivanti:standalone_sentry:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "F5579D89-84ED-45BA-922F-B84DC5E3EE93",
            "versionEndExcluding": "10.6.2",
            "versionStartIncluding": "10.6.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:ivanti:standalone_sentry:10.7.0:*:*:*:*:*:*:*",
            "matchCriteriaId": "7F16798C-197D-4CED-BCD1-9C93A28D29D2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]