AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)

CVE-2026-10520: Ivanti Sentry OS Command Injection Vulnerability

infovulnerability🔥 Actively Exploited

security

Source: CISA Known Exploited VulnerabilitiesJune 10, 2026CVE-2026-10520

Summary

Ivanti Sentry contains an OS command injection vulnerability (a flaw that lets attackers run arbitrary system commands) that could allow an unauthenticated remote attacker to gain root-level access (the highest privilege level on a system). The vulnerability is most dangerous when the Sentry appliance is unmanaged and exposed to the internet, though it can be blocked by using mTLS (mutual TLS, a security protocol requiring both client and server verification) with EPMM or restricted HTTPS access.

Solution / Mitigation

Apply mitigations according to vendor instructions while following CISA's BOD 26-04 guidance on prioritizing security updates based on risk. For cloud services, follow BOD 26-04 guidance or discontinue use of the product if mitigations are unavailable. Organizations must evaluate their asset's internet exposure and ensure adherence to BOD 26-04 patching guidelines. See the Ivanti Security Advisory at https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US for specific patching instructions.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 3.3%

Patch Available

Yes

Exploit Maturity

🔥 Actively Exploited

Disclosure Date

June 10, 2026

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-78

CAPEC (Attack Pattern)

CAPEC-88

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-10520

First tracked: June 11, 2026 at 08:00 PM

Classified by LLM (prompt v3) · confidence: 95%