Max severity Ivanti Sentry vulnerability now exploited in attacks

Attackers are actively exploiting CVE-2026-10520, a maximum-severity OS command injection flaw in Ivanti Sentry security gateways. This vulnerability allows unauthenticated remote code execution with root privileges on internet-exposed instances. Many appliances were backdoored immediately after Ivanti released patches, indicating widespread active exploitation.

CRITICALAdvisoryJun 12, 2026

Action required

Immediately identify all Ivanti Sentry appliances in your environment. Patch to the latest version without delay and audit for signs of compromise. Check firewall and VPN logs for suspicious access to these gateways and scan for web shells or persistence mechanisms.

Affected products

Ivanti SentryIvanti

CVE IDs

CVE-2026-10520

Linked articles

Max severity Ivanti Sentry vulnerability now exploited in attacks

Source links

https://www.bleepingcomputer.com/news/security/max-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks/