Ivanti Sentry vulnerabilities: How to find affected assets
ID: 77da05b7-e455-57be-b4d6-43490f46bb90
STIX ID: report--77da05b7-e455-57be-b4d6-43490f46bb90
Feed Name: runZero Blog
Threat Score
Ivanti disclosed two critical vulnerabilities in Sentry (CVE-2026-10520: unauthenticated OS command injection, CVSS 10.0; CVE-2026-10523: authentication bypass, CVSS 9.9) affecting versions 10.5.1, 10.6.1, 10.7.0 and prior. Successful exploitation could allow remote, unauthenticated attackers to achieve root-level RCE or create administrative accounts, and Ivanti urges immediate upgrade to patched releases and provides a runZero query to find potentially affected systems.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
