Ivanti has disclosed two critical vulnerabilities in Ivanti Sentry, the enterprise mobile device management gateway previously known as MobileIron Sentry. CVE-2026-10520 carries the maximum CVSS score of 10.0 and allows an unauthenticated remote attacker to execute arbitrary OS commands on the Sentry appliance. CVE-2026-10523 is a companion OS command injection vulnerability scoring CVSS 9.4 that requires minimal privilege. Both vulnerabilities are being actively exploited following public proof-of-concept disclosure.
CISA added CVE-2026-10520 to the Known Exploited Vulnerabilities catalogue concurrent with Ivanti's advisory, reflecting the confirmed active exploitation and the critical role Sentry plays in enterprise mobile management infrastructure.
Vulnerability Details
CVE-2026-10520 (CVSS 10.0): A pre-authentication OS command injection in the Ivanti Sentry administrative interface (SuperAdmin). The vulnerable endpoint processes user-supplied input in a system management API call without adequate sanitisation, allowing an attacker to inject shell metacharacters that execute as OS commands. The www-data user running the Sentry web service has sufficient privilege to write configuration files and pivot to full root access via known privilege escalation paths on the underlying Linux appliance.
Authentication requirement: None. The vulnerable endpoint is accessible without credentials, making this a maximum-severity remote exploit with no prerequisite access.
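The defect class described above (user input reaching an OS command without sanitisation) is easiest to see as a vulnerable handler beside its hardened form. The block below is an added, generic illustration, not Sentry's code and not derived from Ivanti's advisory; the "connectivity check" management call, the `ping` command and the hostname allowlist are assumptions chosen to make the pattern concrete.

```python
import re
import subprocess

# Strict allowlist for a hostname or IPv4 literal; anything else is rejected.
# (Hypothetical policy for this example; tighten to what the API really accepts.)
TARGET_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,253}$")


def build_shell_string(target: str) -> str:
    """VULNERABLE pattern: user input is spliced into text that a shell will parse.

    If the result is handed to subprocess.run(..., shell=True) or os.system(),
    shell metacharacters in `target` (';', '|', '&', '$()', backticks) are
    interpreted as command separators, which is exactly the bug class in the advisory.
    """
    return f"ping -c 1 {target}"


def is_safe_target(target: str) -> bool:
    """True only for a plain hostname/IP; no separators, quotes or whitespace."""
    return TARGET_RE.fullmatch(target) is not None


def validate_target(target: str) -> str:
    """Reject anything that is not a plain hostname/IP; raises ValueError otherwise."""
    if not is_safe_target(target):
        raise ValueError(f"rejected target: {target!r}")
    return target


def build_argv(target: str) -> list:
    """HARDENED pattern: validated input becomes one argv element, never shell text."""
    return ["ping", "-c", "1", validate_target(target)]


def run_connectivity_check(target: str) -> int:
    """Execute the hardened form with shell=False: the OS receives one argument,
    so even a value that slipped past validation could not spawn a second command."""
    result = subprocess.run(build_argv(target), capture_output=True, check=False)
    return result.returncode


if __name__ == "__main__":
    # Constructed inputs: a benign host and one carrying an injected command.
    for candidate in ("10.0.0.5", "10.0.0.5; id"):
        print(f"{candidate!r}: shell string -> {build_shell_string(candidate)!r}; "
              f"safe -> {is_safe_target(candidate)}")
```

Two controls are combined here on purpose: the allowlist rejects metacharacters before any command is built, and `shell=False` with an argv list means the kernel, not a shell, receives the arguments. Either alone is weaker than both together.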
CVE-2026-10523 (CVSS 9.4): A second OS command injection in a separate Sentry endpoint, requiring a low-privilege API token. In deployments where API tokens are shared with MDM-integrated applications (Mobile App Management, Microsoft Intune connector, Samsung Knox integration), any holder of a low-privilege token can exploit this vulnerability.
Affected versions: All Sentry versions 9.18.x and earlier. The fixed version is Sentry 9.19.1.
Ivanti product note: Ivanti has had a pattern of critical vulnerabilities in its remote access and MDM products in 2024-2026, including multiple CVEs in Ivanti Connect Secure (VPN), Ivanti Policy Secure, and now Sentry. Each disclosure has been followed by active exploitation within days of advisory publication, making rapid response to Ivanti advisories especially important.
Sentry's Network Position and Exploitation Consequence
Ivanti Sentry acts as a gateway between mobile devices and internal enterprise services: email (Exchange, Microsoft 365), internal web applications, and other resources that would otherwise require VPN access from mobile devices. It sits at the perimeter, accessible from the internet to allow mobile devices to connect when outside the corporate network.
This internet-facing position means CVE-2026-10520 can be exploited directly from the internet without any prior access to the enterprise network. An attacker who achieves OS execution on Sentry gains:
- Access to all internal services that Sentry proxies (Exchange, Microsoft 365, internal web apps)
- Mobile device management data: device inventory, user-device mappings, MDM certificates
- Any credentials stored in Sentry configuration (service account credentials for Exchange, internal application tokens)
- A foothold on the enterprise network perimeter from which to pivot to internal systems
Ivanti Sentry managing 10,000+ mobile devices is not unusual in large enterprises; the scope of exposure from a compromised Sentry instance is proportional to the managed fleet size.
Indicators of Compromise
Ivanti has published technical details of the exploitation pattern. Key indicators:
- Unexpected POST requests to /mics/services/api/v2/system/management/ or /mics/services/api/v2/system/admin/ endpoints from external IP addresses
- OS command execution errors in /var/log/tomcat9/catalina.out referencing unusual paths or commands
- Unexpected cron jobs or startup scripts in /etc/cron.d/ or /etc/init.d/
- Outbound connections from the Sentry appliance to external IP addresses not associated with Ivanti update services
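The first two indicators are straightforward to check mechanically during a compromise review. The script below is an added example, not part of Ivanti's advisory or tooling: it matches POST requests to the two endpoint prefixes named above against a management-network allowlist, and flags catalina.out lines that combine a command-execution error with an unusual filesystem path. The log lines, the management range 10.10.0.0/24, the Tomcat access-log format and the "unusual path" list are all constructed assumptions; adapt them to the appliance's real log format and your own management networks.

```python
import ipaddress
import re

# Endpoint prefixes named in the advisory as targets of unexpected POST requests.
SUSPECT_PREFIXES = (
    "/mics/services/api/v2/system/management/",
    "/mics/services/api/v2/system/admin/",
)

# Networks permitted to reach the admin API. Hypothetical value; replace with yours.
MANAGEMENT_NETS = [ipaddress.ip_network("10.10.0.0/24")]

# Combined-log-format matcher (assumed format): client IP, method, path, status.
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

# Heuristics for failed command execution in catalina.out; both lists are assumptions.
EXEC_ERROR_RE = re.compile(r"Cannot run program|IOException|ProcessBuilder")
UNUSUAL_PATH_RE = re.compile(r"/tmp/|/dev/shm/|/var/tmp/|/dev/tcp/")

# Constructed sample data: one benign admin POST from the management net,
# two external POSTs to the suspect endpoints, and ordinary device traffic.
SAMPLE_ACCESS = [
    '10.10.0.7 - - [12/Mar/2026:09:14:02 +0000] "GET /mics/services/api/v2/system/management/status HTTP/1.1" 200 512',
    '10.10.0.7 - - [12/Mar/2026:09:15:10 +0000] "POST /mics/services/api/v2/system/management/config HTTP/1.1" 200 88',
    '198.51.100.23 - - [12/Mar/2026:09:16:44 +0000] "POST /mics/services/api/v2/system/management/config HTTP/1.1" 200 88',
    '203.0.113.5 - - [12/Mar/2026:09:17:01 +0000] "POST /mics/services/api/v2/system/admin/users HTTP/1.1" 500 0',
    '203.0.113.5 - - [12/Mar/2026:09:17:30 +0000] "GET /mobile/sync HTTP/1.1" 200 1024',
]
# Constructed catalina.out lines; class names are placeholders, not Sentry's.
SAMPLE_CATALINA = [
    '12-Mar-2026 09:16:45.102 INFO [http-nio-443-exec-3] com.example.Mgmt.apply Applied configuration',
    '12-Mar-2026 09:17:02.310 SEVERE [http-nio-443-exec-5] com.example.Mgmt.apply java.io.IOException: Cannot run program "/tmp/.x": Permission denied',
    '12-Mar-2026 09:18:00.000 WARNING [main] org.apache.catalina.startup.Catalina.load java.io.IOException: /opt/sentry/conf/missing.xml not found',
]


def is_management_ip(ip: str) -> bool:
    """True when the client address falls inside an allowed management network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in MANAGEMENT_NETS)


def flag_admin_posts(access_lines):
    """Return (ip, path) for POSTs to the suspect endpoints from non-management IPs."""
    hits = []
    for line in access_lines:
        m = ACCESS_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if not m["path"].startswith(SUSPECT_PREFIXES):
            continue
        if is_management_ip(m["ip"]):
            continue  # expected administrative traffic
        hits.append((m["ip"], m["path"]))
    return hits


def flag_exec_errors(catalina_lines):
    """Return catalina.out lines showing a command-execution error that names an unusual path."""
    return [
        line for line in catalina_lines
        if EXEC_ERROR_RE.search(line) and UNUSUAL_PATH_RE.search(line)
    ]


if __name__ == "__main__":
    for ip, path in flag_admin_posts(SAMPLE_ACCESS):
        print(f"external POST to admin endpoint: {ip} -> {path}")
    for line in flag_exec_errors(SAMPLE_CATALINA):
        print(f"suspicious exec error: {line}")
```

A non-management POST to these endpoints is worth treating as a trigger for the full assume-compromise review described below rather than as a finding on its own; the status code is captured so a 500 (a command that failed to run) and a 200 (one that may have succeeded) can be prioritised differently.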
Recommended Actions
Update immediately: Apply Sentry 9.19.1. If direct update is not available, contact Ivanti support for the patch delivery mechanism appropriate to your deployment type (virtual appliance, hardware appliance).
Temporary mitigation: Restrict access to the Sentry administrative interface (SuperAdmin) to known management IP addresses. Block internet access to administrative interface ports while the production interface remains available. This mitigates CVE-2026-10520 (pre-auth) but does not address CVE-2026-10523, which is exploitable through the API token interface used by integrated applications.
Assume compromise review: Given active exploitation, organisations running unpatched Sentry should perform a compromise review (reviewing logs, checking for unexpected scheduled tasks, and auditing recent administrative actions) before applying the patch and returning the appliance to service.
Ivanti Trust Portal: Ivanti operates a security advisory portal at security.ivanti.com where updates and indicators of compromise for all current advisories are maintained.