logo

Ivanti Sentry vulnerabilities: How to find affected assets

ID: 77da05b7-e455-57be-b4d6-43490f46bb90

STIX ID: report--77da05b7-e455-57be-b4d6-43490f46bb90

Feed Name: runZero Blog

Threat Score
90/100

Date Published: 2026-06-10

Date Updated: 2026-06-11

Author: Matthew Kienow

...
...

Ivanti disclosed two critical vulnerabilities in Sentry (CVE-2026-10520: unauthenticated OS command injection, CVSS 10.0; CVE-2026-10523: authentication bypass, CVSS 9.9) affecting versions 10.5.1, 10.6.1, 10.7.0 and prior. Successful exploitation could allow remote, unauthenticated attackers to achieve root-level RCE or create administrative accounts, and Ivanti urges immediate upgrade to patched releases and provides a runZero query to find potentially affected systems.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.