12 June 2026
Reference: CVE-2026-10520
1. What is being reported?
The vulnerability is an 'OS Command Injection' flaw in Ivanti Sentry versions before R10.5.2, R10.6.2, and R10.7.1. This means attackers can run harmful commands on the system remotely and gain full administrative access without authentication.
2. What this means in plain English
If your organisation uses Ivanti Sentry and has not updated to the fixed versions, attackers could potentially take over your system, access sensitive data, or disrupt your operations. This is a very high-risk issue because it does not require the attacker to have any prior access.
3. Could this affect a small business?
Small businesses or charities using Ivanti Sentry software on their network could be affected, especially if the software is exposed to the internet or not updated. Organisations not using this product or using updated versions are not at risk from this specific vulnerability.
4. What to do now
- Check if your organisation uses Ivanti Sentry software and identify the version installed.
- If using an affected version, immediately apply the updates to R10.5.2, R10.6.2, R10.7.1 or later as provided by Ivanti.
- If updates cannot be applied immediately, follow any temporary mitigation steps recommended by Ivanti or consider discontinuing use until fixed.
- Confirm with your IT provider that your systems are not exposed to the internet in a way that could allow attackers to exploit this vulnerability.
5. Ask your IT provider
Can you confirm whether our Ivanti Sentry software is up to date with the latest security patches addressing CVE-2026-10520, and what steps are in place to protect us from this vulnerability?
6. Bottom line
If you use Ivanti Sentry, update it now to prevent attackers from taking control of your systems remotely.
Information based on CISA KEV, NVD, and reputable security reports.