CVE-2026-10523
CVE-2026-10520
June 10, 2026

Critical Vulnerabilities in Ivanti Sentry

Advisory
Security Advisory
Kudelski Security Team

Summary

Two critical vulnerabilities have been identified in Ivanti Sentry that could allow unauthenticated remote attackers to fully compromise affected systems.

| CVE | Type | Impact |
|---|---|---|
| CVE-2026-10520 | OS Command Injection | Unauthenticated RCE as root — CVSS 10.0 (Critical) |
| CVE-2026-10523 | Authentication Bypass | Unauthenticated creation of arbitrary admin accounts |

Successful exploitation of either vulnerability may result in:

  • Complete compromise of the Ivanti Sentry appliance
  • Unauthorized access to enterprise resources
  • Credential theft and lateral movement
  • Further attacks against internal infrastructure

⚠️ At the time of disclosure, no customers are known to have been exploited through these vulnerabilities.

Affected Versions

The following versions of Ivanti Sentry are affected:

  • Ivanti Sentry prior to R10.5.2
  • Ivanti Sentry prior to R10.6.2
  • Ivanti Sentry prior to R10.7.1

Products operating at the network perimeter and integrated with Ivanti Endpoint Manager Mobile (EPMM) may be particularly exposed due to their role in managing and brokering access to enterprise resources.

Technical Details

CVE-2026-10520 – Unauthenticated OS Command Injection

A vulnerable API endpoint accepts user-supplied input and passes it directly into backend configuration processing functions without proper authentication or validation:

/mics/api/v2/sentry/mics-config/handleMessage

The application parses input into configuration commands and supports an execute operation. User-controlled data is passed to internal native execution functionality via reflective method invocation, enabling OS command execution.

Example vulnerable command structure:

execute system /configuration/system/commandexec
<commandexec>
 <index>1</index>
 <reqandres>arbitrary_command</reqandres>
</commandexec>

A crafted request containing a malicious commandexec payload can trigger arbitrary command execution as the root user, resulting in complete system compromise.

CVE-2026-10523 – Authentication Bypass

An authentication bypass vulnerability allows remote unauthenticated attackers to create arbitrary administrative accounts and obtain full administrative privileges over the appliance, potentially facilitating further compromise of connected enterprise environments.

Mitigation

Organizations should take the following actions immediately:

1. Upgrade to a Fixed Version

| Branch | Fixed Version |
|---|---|
| R10.5.x | R10.5.2 |
| R10.6.x | R10.6.2 |
| R10.7.x | R10.7.1 |

2. Restrict Access

  • Restrict external access to Ivanti Sentry management interfaces wherever possible.
  • Ensure sensitive administrative endpoints are not publicly accessible.

3. Monitor for Indicators of Compromise

  • Requests to /mics/api/v2/sentry/mics-config/handleMessage
  • Unexpected administrative account creation
  • Suspicious configuration changes
  • Indicators of command execution or abnormal process activity
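
A log check for the first indicator above, added here as an example (not Kudelski's or Ivanti's code). It assumes common/combined-format access-log lines from whatever fronts the appliance; the sample lines, addresses and the trusted management range are constructed.

```python
import posixpath
import re
from collections import Counter
from ipaddress import ip_address, ip_network
from urllib.parse import unquote

# Endpoint named in the advisory, lowercased for case-insensitive matching.
ENDPOINT = "/mics/api/v2/sentry/mics-config/handlemessage"

# Assumption: common/combined access-log format; adapt to your log source.
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def normalize_path(target):
    """Reduce a request target to a canonical path for comparison."""
    path = unquote(target.split("?", 1)[0])   # drop query, decode %xx once
    path = re.sub(r";[^/]*", "", path)        # drop ;path-parameters
    path = re.sub(r"/{2,}", "/", path)        # collapse duplicate slashes
    return posixpath.normpath(path).lower()   # resolve ./.., fold case

def find_hits(lines, trusted_nets=()):
    """Return (hits, per-source counts) for requests to ENDPOINT."""
    nets = [ip_network(n) for n in trusted_nets]
    hits, by_src = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or normalize_path(m["target"]) != ENDPOINT:
            continue
        try:
            trusted = any(ip_address(m["src"]) in n for n in nets)
        except ValueError:                    # source field is not an IP
            trusted = False
        hits.append({"src": m["src"], "ts": m["ts"], "method": m["method"],
                     "status": int(m["status"]), "trusted_src": trusted})
        by_src[m["src"]] += 1
    return hits, by_src

SAMPLE_LOG = [  # constructed lines; documentation/private address ranges
    '10.20.0.5 - - [10/Jun/2026:08:01:12 +0000] "GET /favicon.ico HTTP/1.1" 200 5120',
    '203.0.113.44 - - [10/Jun/2026:08:03:40 +0000] "POST /mics/api/v2/sentry/mics-config/handleMessage HTTP/1.1" 200 312',
    '203.0.113.44 - - [10/Jun/2026:08:03:41 +0000] "POST /mics//api/v2/sentry/%6Dics-config/HandleMessage?x=1 HTTP/1.1" 200 298',
    '10.20.0.5 - - [10/Jun/2026:08:05:02 +0000] "POST /mics/api/v2/sentry/mics-config/handleMessage HTTP/1.1" 401 0',
]

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG, trusted_nets=["10.20.0.0/16"])[0]:
        print(hit)
```

Case folding and path normalization deliberately over-match, so a hit is a lead for review rather than proof of exploitation; hits with `trusted_src` false are the ones to triage first.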

4. Review for Compromise

  • Review systems for signs of compromise, especially if running vulnerable versions exposed to untrusted networks.
  • Apply vendor-provided security updates immediately and follow any additional hardening guidance released by Ivanti.
