惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

爱范儿
爱范儿
P
Palo Alto Networks Blog
月光博客
月光博客
H
Hackread – Cybersecurity News, Data Breaches, AI and More
I
InfoQ
aimingoo的专栏
aimingoo的专栏
腾讯CDC
T
Threatpost
D
DataBreaches.Net
Vercel News
Vercel News
F
Fortinet All Blogs
Engineering at Meta
Engineering at Meta
C
Cybersecurity and Infrastructure Security Agency CISA
Forbes - Security
Forbes - Security
U
Unit 42
C
Check Point Blog
Blog — PlanetScale
Blog — PlanetScale
O
OpenAI News
量子位
TaoSecurity Blog
TaoSecurity Blog
Microsoft Azure Blog
Microsoft Azure Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
V
Visual Studio Blog
Recorded Future
Recorded Future
云风的 BLOG
云风的 BLOG
Security Archives - TechRepublic
Security Archives - TechRepublic
The Last Watchdog
The Last Watchdog
S
Security Affairs
Attack and Defense Labs
Attack and Defense Labs
罗磊的独立博客
Stack Overflow Blog
Stack Overflow Blog
Microsoft Security Blog
Microsoft Security Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
V
V2EX
小众软件
小众软件
S
SegmentFault 最新的问题
www.infosecurity-magazine.com
www.infosecurity-magazine.com
W
WeLiveSecurity
AI
AI
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
博客园 - 聂微东
I
Intezer
Know Your Adversary
Know Your Adversary
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Proofpoint News Feed
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The Cloudflare Blog
博客园_首页
NISL@THU
NISL@THU
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

Truesec

Russian Intelligence Targets SOHO Routers - Truesec Cyber Warfare in the Iran War - Truesec Organized Cybercrime Merging with Other Crime - Truesec AI Used in Ransomware Attack The Fortibleed Campaign: Truesec's Experience Fortibleed: Truesec's Experience Supply Chain Attack Compromising Arch Linux AUR Packages with Infostealer and Rootkit - Truesec FortiNet SSO Vulnerability CVE-2025-59718 and CVE-2025-59719 Leading to Full System Compromise - Truesec Typosquatting: When Your Domain Is Used Against You AI in Cybersecurity: Separating Operational Reality from Speculation Compromised @redhat-Cloud-Services Npm Packages Distribute Credential-Stealing Worm GitHub Hacks Highlights Need for Repository Security Installation of a Syslog Log Collector Critical Cisco Secure Workload Vulnerability Allows Unauthenticated Site Admin Access (CVE-2026-20223) Securing IT, OT, and IoT When the Digital Meets the Physical Russia Rolls Out Surveillance Through State-Backed “Super App” MAX Device Code Phishing via Fake File-Sharing Invitation Active Exploitation of PAN‑OS Authentication Portal RCE - Truesec Windows Client Security Baselines: When Assumptions Meet Incident Response Reality - Truesec Entra ID Password Protection: From “P@ssw0rd” to Protected GitHub Under Attack: How Small Exposures Snowball into Large‑Scale Compromises European Risks Linked to the U.S. – Iran Conflict Mythos: What It Actually Means and What It Does Not Russian Espionage Campaign Targets Home Routers How Nordic Organizations Must Adjust Their Cybersecurity to a Changing Operating Environment Critical Vulnerability in “Ninja Forms – File Upload” WordPress Plugin (CVE-2026-07409) Iranian APT Target US Critical Infrastructure Remote Access – Is VPN the Almighty Solution? Malicious Axios Packages Published to npm in New Supply Chain Compromise RCE Vulnerability in F5 BIG-IP APM (CVE-2025-53521) No Further Increase in Iranian Cyber Operations Malicious PyPI Package – LiteLLM Supply Chain Compromise Dutch Intelligence Warns of Russian Campaign Against Signal and Whatsapp Users Multiple Vulnerabilities, One Critical, in Ubiquiti UniFi Network Application
Critical Vulnerabilities in Ivanti Sentry Allows Code Execution as Root (CVE-2026-10520 & CVE-2026-10523)
Hjalmar Desmond · 2026-06-12 · via Truesec

The cause of the flaw has at the time of writing not been shared by the vendor.

CVE-2026-10520: An OS command injection vulnerability that allows a remote unauthenticated attacker to execute arbitrary commands with root privileges on affected devices.

CVE-2026-10523: An authentication bypass vulnerability that allows a remote unauthenticated attacker to create arbitrary administrative accounts and gain full administrative access A proof-of-concept exploit is available to the public[2].

CVE

CVE-2026-10520

CVE-2026-10523

Affected Products

Ivanti Sentry versions prior to R10.5.2, R10.6.2 and R10.7.1[1].

Exploitation

At the time of disclosure, Ivanti stated that it was not aware of any customers being exploited by these vulnerabilities[1].

Recommended Actions

Truesec recommends that if you are effected, upgrade Ivanti Sentry to versions 10.5.2, 10.6.2 and 10.7.1 as soon as possible.

The versions are found here[1]:

10.5.2:
New Sentry Instance: https://support.mobileiron.com/mi/sentry/10.5.2-3/sentry-mobileiron-10.5.2-3.iso
Updating existing Sentry appliance: https://support.mobileiron.com/mi/sentry/10.5.2-3/

10.6.2:
New Sentry Instance: https://support.mobileiron.com/mi/sentry/10.6.2-4/sentry-mobileiron-10.6.2-4.iso
Updating existing Sentry appliance: https://support.mobileiron.com/mi/sentry/10.6.2-4/

10.7.1:
New Sentry Instance: https://support.mobileiron.com/mi/sentry/10.7.1-3/sentry-mobileiron-10.7.1-3.iso
Updating existing Sentry appliance: https://support.mobileiron.com/mi/sentry/10.7.1-3/

References

[1] https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US

[2] https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/