Maximum-severity Ivanti Sentry flaw now exploited
🔒 Attackers are exploiting a recently patched maximum-severity OS command injection in Ivanti Sentry (formerly MobileIron Sentry), tracked as CVE-2026-10520, to achieve root code execution on Internet-exposed gateways. Ivanti released patches in Sentry R10.5.2, R10.6.2, and R10.7.1, but Shadowserver reports many publicly reachable appliances have already been backdoored. Shadowserver warned that their scans undercount exposures due to blocklisting and urged immediate patching, while Ivanti has not revised its advisory and maintains no evidence of customer exploitation at disclosure.
