Cloud Security

Ivanti Sentry CVE-2026-10520: CVSS 10.0 RCE Now Exploited

June 11, 2026 · 5 min read · By William

What Happened

Ivanti patched a maximum-severity OS command injection flaw in its Sentry secure mobile gateway on June 9, 2026. Within 24 hours, attackers had already backdoored internet-exposed appliances using a public proof-of-concept exploit. The vulnerability, CVE-2026-10520 (CVSS 10.0), allows remote, unauthenticated root-level code execution — the kind of flaw that gets pwned at scale the moment a diff lands on a researcher’s desk.

Ivanti’s advisory still reads “we are not aware of any customers being exploited.” Shadowserver’s telemetry tells a different story: at least 19 vulnerable instances identified, two confirmed backdoored, and the rest almost certainly compromised. If you run Ivanti Sentry and haven’t patched this week, assume breach.

The Two CVEs Explained

Ivanti’s June 9 advisory covers two critical flaws in Sentry (formerly MobileIron Sentry), the security gateway appliance that mediates traffic between corporate back-end systems and remote mobile devices.

CVE             CVSS            Type                            Impact
CVE-2026-10520  10.0            OS Command Injection (CWE-78)   Remote, unauthenticated root RCE
CVE-2026-10523  9.8 (Critical)  Authentication Bypass           Rogue admin account creation, full admin access

CVE-2026-10520 is the headline act. An unauthenticated attacker can inject operating system commands and execute arbitrary code with root privileges on the Sentry appliance. No credentials needed, no user interaction required — just network access to the management interface. The second flaw, CVE-2026-10523, compounds the damage: it lets attackers bypass authentication entirely to create persistent administrative accounts. Together, they give an adversary permanent, privileged access to the gateway that controls mobile device traffic into your enterprise network.

Affected versions include Sentry 10.5.1, 10.6.1, 10.7.0, and all earlier releases. Patched versions — 10.5.2, 10.6.2, and 10.7.1 — were released on June 9 through Ivanti’s customer portal, as documented in the company’s security advisory.

Shadowserver Sounds the Alarm

On June 10, the Shadowserver Foundation reported a surge in exploitation attempts against CVE-2026-10520, hours after a public PoC exploit appeared online. Their findings are stark:

  • 19 vulnerable instances detected in scans, with most likely compromised
  • 2 confirmed backdoored — attackers deployed backdoors and injected malicious code (credit: Saudi NCA for the tip)
  • Actual exposure is almost certainly higher, as many Sentry instances block external scanning

Shadowserver’s statement was blunt: “If you have not patched, you are most likely compromised.” The organization began sharing indicators through its Vulnerable HTTP and Compromised Website reporting feeds, tagging affected systems with identifiers including “cve-2026-10520” and “ivanti-sentry,injected-code,backdoor,” as reported by Cyber Security News.

This is the classic edge-device exploit lifecycle: patch drops, diff gets analyzed, PoC lands on GitHub, automated scanners light up. The window between disclosure and mass exploitation has compressed to hours, not days. We saw the same pattern with the Check Point VPN zero-day feeding ransomware operators and the SolarWinds Serv-U flaw exploited at scale earlier this month.

Ivanti’s Track Record

This is not Ivanti’s first rodeo. Over the past several years, CISA has flagged 34 vulnerabilities across various Ivanti products as actively exploited in the wild, with 12 of them also used in ransomware attacks, according to BleepingComputer. The pattern is well-established.

Recent incidents alone paint a damning picture:

  • January 2026: Two critical EPMM zero-days (CVE-2026-1281, CVE-2026-1340) exploited against a “very limited number of customers”
  • May 2026: EPMM CVE-2026-6973, a high-severity RCE flaw, exploited as a zero-day. CISA ordered federal agencies to patch within days
  • June 2026: Sentry CVE-2026-10520 — CVSS 10.0, exploited within 24 hours of patch release

Ivanti’s products are deployed across 40,000+ organizations worldwide, supported by 7,000+ partners. That install base makes Ivanti appliances a high-value target for initial access brokers and ransomware groups alike. The Cisco SD-WAN zero-day saga showed how network infrastructure vendors face the same relentless targeting — but Ivanti’s incident cadence is in a class of its own.

Immediate Actions for Defenders

If your organization runs Ivanti Sentry, treat this as an active incident, not a routine patch cycle. Here’s the priority order:

  1. Patch immediately. Upgrade to Sentry 10.5.2, 10.6.2, or 10.7.1 via Ivanti’s customer download portal. There are no documented workarounds — patching is the only option.
  2. Assume compromise on internet-exposed instances. If the admin portal was reachable from the internet and wasn’t patched before June 10, proceed with incident response. Check for unauthorized admin accounts (CVE-2026-10523), unexpected processes, persistence mechanisms, and modified system files.
  3. Rotate all credentials. Admin passwords, API keys, service account tokens — everything that touched the Sentry appliance. Attackers with root access had full ability to exfiltrate credentials.
  4. Review audit logs. Look for unusual admin portal access, configuration changes, or command execution activity from June 9 onward.
  5. Subscribe to Shadowserver reports. If you haven’t already, enroll your IP ranges in Shadowserver’s free reporting feeds. They flagged these compromises in near-real-time.
  6. Network-segment Sentry appliances. The management interface (port 8443) should never face the open internet. Restrict access to trusted management networks.
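Steps 1 and 2 above reduce to a version check against the advisory's fixed releases plus an exposure test against the June 10 exploitation date. The script below is an added example, not Ivanti's tooling or anything from Shadowserver: it walks a constructed Sentry inventory (host names, versions, exposure flags and patch dates are all made up for the example) and assigns each appliance a priority. It assumes the branch rules exactly as the advisory states them (10.5.2, 10.6.2 and 10.7.1 fixed; those branches below the fix and every older branch affected), treats any branch newer than 10.7 as not covered by the advisory rather than as safe, and uses an `externally_flagged` field to represent a host that turned up in a Shadowserver report.

```python
"""Triage an Ivanti Sentry inventory against the June 9 advisory.

Fixed releases per the advisory are 10.5.2, 10.6.2 and 10.7.1; 10.5.1,
10.6.1, 10.7.0 and all earlier releases are affected. The inventory
records and host names below are constructed for this example.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, Iterable, Optional, Tuple

Version = Tuple[int, int, int]

# Fixed release on each affected branch, taken from the advisory.
FIXED_BY_BRANCH: Dict[Tuple[int, int], Version] = {
    (10, 5): (10, 5, 2),
    (10, 6): (10, 6, 2),
    (10, 7): (10, 7, 1),
}
OLDEST_FIXED_BRANCH = min(FIXED_BY_BRANCH)  # (10, 5)
# Shadowserver reported mass exploitation on June 10, 2026.
EXPLOITATION_DATE = date(2026, 6, 10)
# Output ordering: most urgent action first.
PRIORITY = ["PATCH+IR", "PATCH", "INVESTIGATE", "VERIFY", "OK"]


def parse_version(text: str) -> Version:
    """'10.6.1' -> (10, 6, 1); a missing patch component counts as 0."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 2 <= len(parts) <= 3:
        raise ValueError(f"unrecognised Sentry version: {text!r}")
    while len(parts) < 3:
        parts.append(0)
    return (parts[0], parts[1], parts[2])


def patch_status(version: str) -> str:
    """Classify a version as 'fixed', 'vulnerable' or 'unknown'.

    Branches newer than 10.7 are not named in the advisory text quoted
    above, so they are reported as 'unknown' rather than assumed safe
    (an assumption made for this example).
    """
    v = parse_version(version)
    branch = (v[0], v[1])
    if branch in FIXED_BY_BRANCH:
        return "fixed" if v >= FIXED_BY_BRANCH[branch] else "vulnerable"
    if branch < OLDEST_FIXED_BRANCH:
        return "vulnerable"  # "all earlier releases" are affected
    return "unknown"


@dataclass
class SentryHost:
    name: str
    version: str
    internet_exposed: bool             # admin portal (8443) reachable from the internet?
    patched_on: Optional[date] = None  # date a fixed release was applied, if known
    externally_flagged: bool = False   # e.g. tagged in a Shadowserver report


def triage(host: SentryHost) -> str:
    """Return the action for one host: PATCH+IR, PATCH, INVESTIGATE, VERIFY or OK."""
    status = patch_status(host.version)
    if host.externally_flagged:
        # A third party already sees it as compromised: IR regardless of version.
        return "INVESTIGATE" if status == "fixed" else "PATCH+IR"
    if status == "vulnerable":
        return "PATCH+IR" if host.internet_exposed else "PATCH"
    if status == "unknown":
        return "VERIFY"
    # Fixed now, but exposed and not fixed before June 10: assume compromise (step 2).
    if host.internet_exposed and (host.patched_on is None or host.patched_on >= EXPLOITATION_DATE):
        return "INVESTIGATE"
    return "OK"


# Constructed inventory for the example.
SAMPLE_INVENTORY = [
    SentryHost("sentry-eu-1", "10.6.1", internet_exposed=True),
    SentryHost("sentry-eu-2", "10.6.2", internet_exposed=True, patched_on=date(2026, 6, 9)),
    SentryHost("sentry-us-1", "10.7.0", internet_exposed=False),
    SentryHost("sentry-us-2", "10.7.1", internet_exposed=True, patched_on=date(2026, 6, 11)),
    SentryHost("sentry-lab", "10.4.3", internet_exposed=False),
    SentryHost("sentry-apac", "10.8.0", internet_exposed=True),
]


def triage_inventory(hosts: Iterable[SentryHost]) -> Dict[str, str]:
    """Map each host name to its triage action."""
    return {h.name: triage(h) for h in hosts}


if __name__ == "__main__":
    results = triage_inventory(SAMPLE_INVENTORY)
    for name, action in sorted(results.items(), key=lambda kv: PRIORITY.index(kv[1])):
        print(f"{action:<12} {name}")
```

The deliberate choice here is that a host which is patched today but was internet-facing on June 10 still lands in INVESTIGATE: the patch closes the door but says nothing about who walked through it before. Feed the real inventory in place of `SAMPLE_INVENTORY`, and replace the `externally_flagged` field with whatever your Shadowserver subscription actually returns for your ranges.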

The Bigger Picture

CVE-2026-10520 is another data point in an accelerating trend: edge infrastructure — VPNs, secure gateways, SD-WAN controllers — is the new perimeter, and it’s under sustained assault. The exploit-to-compromise window has compressed to the point where organizations that can’t patch within hours are effectively running unpatched.

Ivanti’s statement that it “has no evidence” of exploitation, while Shadowserver documents backdoored appliances in real time, is a communications failure that weakens defender response. Vendor advisories that lag behind threat reality create a dangerous false sense of security.

For security teams, the lesson is structural. You need continuous external attack surface monitoring, automated patch prioritization for edge devices, and incident response playbooks that assume the vendor advisory is optimistic. The organizations that detect this class of vulnerability through their own scanning — not through vendor disclosure — are the ones that stay ahead of the exploit curve.
