Safety software program firm Ivanti has launched patches that tackle two essential vulnerabilities in its Sentry safe cell gateway resolution. These embody a most severity flaw that would enable a distant attacker to execute code with root privileges.
Ivanti Sentry, previously often called MobileIron Sentry, is a safety gateway equipment that protects visitors between enterprise back-end techniques and distant cell units.
This most severity vulnerability, tracked as CVE-2026-10520, is because of an OS command injection weak spot. The second Sentry safety flaw patched on Tuesday (tracked as CVE-2026-10523) is a essential authentication bypass that may very well be exploited remotely by an unauthenticated attacker to create a fraudulent administrative account and achieve full administrative entry.
Ivanti patched each safety points Tuesday with the discharge of Sentry variations R10.5.2, R10.6.2, and R10.7.1.
Happily, the corporate mentioned there isn’t any proof that the 2 vulnerabilities are being exploited within the wild and suggested directors to improve their techniques to guard towards potential assaults.
“On the time of publication, we’re not conscious of any clients who’ve exploited these vulnerabilities,” Ivanti mentioned. “Right now, there aren’t any recognized exploits of this vulnerability that may very well be used to supply an inventory of indicators of compromise.”
Ivanti vulnerabilities have change into a frequent goal of assaults lately, offering cybercriminals with a simple technique to infiltrate focused company networks and steal delicate company and buyer knowledge.
For instance, most not too long ago, in Might, the Cybersecurity and Infrastructure Safety Company (CISA) ordered U.S. federal companies to patch Ivanti units after warning clients to right away patch a high-severity distant code execution vulnerability in Endpoint Supervisor Cellular (EPMM) that was exploited in a zero-day assault.
A number of different Ivanti zero-days have been exploited lately to compromise a variety of targets, together with authorities companies all over the world. These embody two different essential EPMM vulnerabilities that Ivanti addressed in January after being exploited as zero-days in assaults towards a “very restricted variety of clients.”
CISA has tagged a complete of 34 vulnerabilities in varied SolarWinds merchandise as being actively exploited in assaults over the previous few years, 12 of which have additionally been utilized in ransomware assaults.
Ivanti’s IT asset administration options are utilized by greater than 40,000 purchasers worldwide and supported by a community of greater than 7,000 companions and greater than 3,000 staff.
Safety groups doc 54% of profitable assaults and challenge a warning on solely 14%. The remaining strikes invisibly by means of the surroundings.
Picus’ whitepaper reveals tips on how to check your SIEM and EDR guidelines in breach and assault simulations to make sure threats go undetected.
Get the white paper
