A critical vulnerability in Ivanti Sentry (CVE-2026-10520), affecting versions prior to R10.5.2, R10.6.2, and R10.7.1, was exploited within 24 hours of its disclosure. This OS command injection flaw received the maximum CVSS score of 10 and allows unauthorized remote code execution with root privileges. After watchTowr published a public proof-of-concept exploit, attackers rapidly targeted vulnerable instances, demonstrating prior knowledge of the Ivanti asset landscape.
Remediation of this flaw is urgent: exploitation could give threat actors access to configurations and credentials, and could potentially compromise the broader organizational environment, given the appliance's critical position in managing mobile and device access.