Ivanti Releases Critical Patches for Sentry Vulnerabilities to Enhance Security

Anuj June 11, 2026
www.news4hackers.com-ivanti-releases-critical-patches-for-sentry-vulnerabilities-to-enhance-security-ivanti-releases-critical-patches-for-sentry-vulnerabilities-to-enhance-security
Post Views: 14

IVANTI HAS ISSUED UPDATES TO ADDRESS TWO CRITICAL FLAWS IN ITS SENTRY SECURE MOBILE GATEWAY SOLUTION, IMPACTING ENTERPRISE MOBILE SECURITY.

Vulnerabilities in Ivanti Sentry

Ivanti has issued updates addressing two critical flaws in its Sentry secure mobile gateway solution. The vulnerabilities, designated CVE-2026-10520 and CVE-2026-10523, impact Ivanti Sentry, previously known as MobileIron Sentry, which serves as a security layer for communication between enterprise systems and mobile devices.

CVE-2026-10520: Command Injection Vulnerability

The first flaw, CVE-2026-10520, represents an operating system command injection vulnerability that could enable unauthorized remote execution of code with elevated privileges.

CVE-2026-10523: Authentication Bypass Vulnerability

The second issue, CVE-2026-10523, involves an authentication bypass mechanism that might allow threat actors to establish unauthorized administrative access.

Patches and Affected Versions

Patches for these issues are included in updated versions of the software: R10.5.2, R10.6.2, and R10.7.1. Ivanti confirmed there is no evidence of these vulnerabilities being actively exploited in real-world scenarios.

Historical Context and Risks

However, the company’s products have historically been frequent targets for cyberattacks, with multiple zero-day exploits disclosed in recent years that led to unauthorized access to corporate networks and sensitive information. Notably, the Cybersecurity and Infrastructure Security Agency (CISA) previously mandated federal agencies to address similar vulnerabilities in Ivanti devices.

Impact of Exploitation

The vulnerabilities affect configurations where Sentry manages traffic between mobile endpoints and internal infrastructure. Exploitation of CVE-2026-10520 could grant attackers control over system processes, while CVE-2026-10523 undermines authentication protocols, potentially enabling persistent access.

Recommendations

Ivanti’s advisory emphasizes the importance of applying the latest patches to mitigate risks associated with these flaws. Recent security advisories highlight ongoing efforts to address critical weaknesses in enterprise infrastructure. The release of these patches follows broader industry trends of prioritizing remediation for vulnerabilities that pose immediate risks to publicly accessible systems or allow full system compromise. Organizations are advised to review their deployment of Sentry solutions and implement the updated versions promptly.



About Author

Anuj

See author's posts

More Stories

www.news4hackers.com-fbi-uncovers-ties-between-china-based-organized-crime-groups-and-southeast-asian-scams-fbi-uncovers-ties-between-china-based-organized-crime-groups-and-southeast-asian-scams

FBI Uncovers Ties Between China-Based Organized Crime Groups and Southeast Asian Scams

Anuj June 11, 2026
www.news4hackers.com-mini-shai-hulud-hades-vulnerability-affects-multiple-python-package-versions-on-pypi-mini-shai-hulud-hades-vulnerability-affects-multiple-python-package-versions-on-pypi-1

Top Security Measures for Effective Identity Verification Online

Anuj June 11, 2026
www.news4hackers.com-mini-shai-hulud-hades-vulnerability-affects-multiple-python-package-versions-on-pypi-mini-shai-hulud-hades-vulnerability-affects-multiple-python-package-versions-on-pypi

Mini Shai-Hulud Hades Vulnerability Affects Multiple Python Package Versions on PyPI

Anuj June 11, 2026

Latest Cyber Security News

www.news4hackers.com-delhi-police-crack-down-on-e-commerce-scam-ring-with-operation-cy-hawk-delhi-police-crack-down-on-e-commerce-scam-ring-with-operation-cy-hawk

Delhi Police Crack Down on E-commerce Scam Ring with Operation Cy Hawk

Anuj June 11, 2026
www.news4hackers.com-ensuring-cloud-services-respect-your-data-privacy-online--ensuring-cloud-services-respect-your-data-privacy-online-

Ensuring Cloud Services Respect Your Data Privacy Online,

Anuj June 11, 2026
www.news4hackers.com-operation-mule-hunt-2-0-uncovers-massive-44-crore-cyber-scam-in-gujarat-india-operation-mule-hunt-2-0-uncovers-massive-44-crore-cyber-scam-in-gujarat-india-1

X-Square-Robot-Open-Sources-Autonomous-Data-Collection-Framework-for-Free-Use,

Anuj June 11, 2026
www.news4hackers.com-operation-mule-hunt-2-0-uncovers-massive-44-crore-cyber-scam-in-gujarat-india-operation-mule-hunt-2-0-uncovers-massive-44-crore-cyber-scam-in-gujarat-india

Operation Mule Hunt 2.0 Uncovers Massive ₹44 Crore Cyber Scam in Gujarat India

Anuj June 11, 2026
www.news4hackers.com-beware-of-scammers-using-tiktok-instagram-for-vidar-infostealer-malware-spreads-beware-of-scammers-using-tiktok-instagram-for-vidar-infostealer-malware-spreads

Beware of Scammers Using TikTok & Instagram for Vidar Infostealer Malware Spreads

Anuj June 11, 2026
en_USEnglish
en_USEnglish