Ivanti Sentry Pre-Authentication RCE
What is the Vulnerability? FortiGuard Labs continues to observe exploitation attempts targeting CVE-2026-10520 following the public release of technical details and proof-of-concept (PoC) exploit code. CVE-2026-10520 is a critical vulnerability affecting Ivanti Sentry that allows remote, unauthenticated attackers to execute arbitrary operating system commands with root privileges. The flaw stems from improper handling of internal…
|
What is the Vulnerability? |
FortiGuard Labs continues to observe exploitation attempts targeting CVE-2026-10520 following the public release of technical details and proof-of-concept (PoC) exploit code. CVE-2026-10520 is a critical vulnerability affecting Ivanti Sentry that allows remote, unauthenticated attackers to execute arbitrary operating system commands with root privileges. The flaw stems from improper handling of internal configuration commands exposed through an externally accessible API, enabling complete device compromise without valid credentials. Shortly after disclosure, watchTowr published a detailed technical analysis and public PoC, significantly lowering the barrier to exploitation and increasing the likelihood of opportunistic attacks. Ivanti Sentry is an enterprise mobile gateway that provides secure access to corporate email, applications, and content for managed mobile devices. Organizations with internet-exposed Ivanti Sentry appliances should prioritize patching immediately, as attackers are actively attempting to exploit vulnerable systems. |
|
What is the recommended Mitigation? |
Affected: Fixed: Recommended Actions |
|
What FortiGuard Coverage is available? |
• FortiGuard IPS provides protection against exploit attempts targeting vulnerable Ivanti Sentry appliances. |
