CVE-2026-10520 - Vulnerability Details - OpenCVE

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Ivanti	Sentry

No data.

No data.

References

Link	Providers
https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US

History

Tue, 09 Jun 2026 17:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ivanti Ivanti sentry
Vendors & Products		Ivanti Ivanti sentry

Tue, 09 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Title		OS Command Injection in Ivanti Sentry Allowing Root-Level Remote Code Execution

Tue, 09 Jun 2026 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 09 Jun 2026 15:30:00 +0000

Type	Values Removed	Values Added
Description		An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
Weaknesses		CWE-78
References		https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US
Metrics		cvssV3_1 `{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: ivanti

Published: 2026-06-09T14:10:21.581Z

Updated: 2026-06-09T15:42:24.876Z

Reserved: 2026-06-01T08:47:35.793Z

Link: CVE-2026-10520

Vulnrichment

Updated: 2026-06-09T15:42:20.215Z

NVD

Status : Received

Published: 2026-06-09T16:16:35.700

Modified: 2026-06-09T16:16:35.700

Link: CVE-2026-10520

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-10520", "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "state": "PUBLISHED", "assignerShortName": "ivanti", "dateReserved": "2026-06-01T08:47:35.793Z", "datePublished": "2026-06-09T14:10:21.581Z", "dateUpdated": "2026-06-09T15:42:24.876Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "shortName": "ivanti", "dateUpdated": "2026-06-09T14:10:21.581Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-248", "descriptions": [{"lang": "en", "value": "CAPEC-248 Command Injection"}]}], "affected": [{"vendor": "ivanti", "product": "Sentry", "versions": [{"status": "unaffected", "version": "R10.5.2"}, {"status": "unaffected", "version": "R10.6.2"}, {"status": "unaffected", "version": "R10.7.1"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "An OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry before\u00a0the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated user to achieve root-level remote code execution", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution "}]}], "references": [{"url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "CRITICAL", "baseScore": 10, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-09T15:42:07.518236Z", "id": "CVE-2026-10520", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-09T15:42:24.876Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-10520", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-06-09T15:42:07.518236Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-09T15:42:20.215Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-248", "descriptions": [{"lang": "en", "value": "CAPEC-248 Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ivanti", "product": "Sentry", "versions": [{"status": "unaffected", "version": "R10.5.2"}, {"status": "unaffected", "version": "R10.6.2"}, {"status": "unaffected", "version": "R10.7.1"}], "defaultStatus": "affected"}], "references": [{"url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US"}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "An OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry before\u00a0the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated user to achieve root-level remote code execution", "supportingMedia": [{"type": "text/html", "value": "An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution ", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')"}]}], "providerMetadata": {"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "shortName": "ivanti", "dateUpdated": "2026-06-09T14:10:21.581Z"}}}, "cveMetadata": {"cveId": "CVE-2026-10520", "state": "PUBLISHED", "dateUpdated": "2026-06-09T15:42:24.876Z", "dateReserved": "2026-06-01T08:47:35.793Z", "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75", "datePublished": "2026-06-09T14:10:21.581Z", "assignerShortName": "ivanti"}, "dataVersion": "5.2"}