Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for standalone_sentry by ivanti

    CVE-2026-10523 (GCVE-0-2026-10523)

    Vulnerability from nvd – Published: 2026-06-09 14:16 – Updated: 2026-06-10 03:58
    VLAI
    Summary
    An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication bypass using an alternate path or channel
    Assigner
    Impacted products
    Vendor Product Version
    ivanti Sentry Unaffected: R10.5.2
    Unaffected: R10.6.2
    Unaffected: R10.7.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10523",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-10T03:58:55.720Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sentry",
              "vendor": "ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "R10.5.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.6.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.7.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Authentication Bypass vulnerability (CWE-288)\u0026nbsp;in Ivanti\u0026nbsp;Sentry before the\u0026nbsp;R10.5.2, R10.6.2 and R10.7.1\u0026nbsp;versions\u0026nbsp;allows\u0026nbsp;a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access\u0026nbsp;"
                }
              ],
              "value": "An Authentication Bypass vulnerability (CWE-288)\u00a0in Ivanti\u00a0Sentry before the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288 Authentication bypass using an alternate path or channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T14:17:40.240Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2026-10523",
        "datePublished": "2026-06-09T14:16:41.255Z",
        "dateReserved": "2026-06-01T08:57:47.470Z",
        "dateUpdated": "2026-06-10T03:58:55.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10520 (GCVE-0-2026-10520)

    Vulnerability from nvd – Published: 2026-06-09 14:10 – Updated: 2026-06-12 03:55
    Summary
    An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper neutralization of special elements used in an OS command ('OS command injection')
    Assigner
    Impacted products
    Vendor Product Version
    ivanti Sentry Unaffected: R10.5.2
    Unaffected: R10.6.2
    Unaffected: R10.7.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10520",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-12T03:55:15.947Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-10520"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sentry",
              "vendor": "ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "R10.5.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.6.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.7.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS Command Injection vulnerability\u0026nbsp;in Ivanti\u0026nbsp;Sentry before\u0026nbsp;the\u0026nbsp;R10.5.2, R10.6.2 and R10.7.1\u0026nbsp;versions\u0026nbsp;allows\u0026nbsp;a remote unauthenticated user to achieve root-level remote code execution\u0026nbsp;"
                }
              ],
              "value": "An OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry before\u00a0the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated user to achieve root-level remote code execution"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper neutralization of special elements used in an OS command (\u0027OS command injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T14:10:21.581Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2026-10520",
        "datePublished": "2026-06-09T14:10:21.581Z",
        "dateReserved": "2026-06-01T08:47:35.793Z",
        "dateUpdated": "2026-06-12T03:55:15.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8540 (GCVE-0-2024-8540)

    Vulnerability from nvd – Published: 2024-12-10 18:52 – Updated: 2024-12-14 04:55
    VLAI
    Summary
    Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Sentry Unaffected: 9.20.2 (custom)
    Unaffected: 10.0.2 (custom)
    Unaffected: 10.1.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-13T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-14T04:55:18.267Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sentry",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "9.20.2",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "10.0.2",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "10.1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsecure permissions in Ivanti Sentry \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ebefore versions 9.20.2 and 10.0.2 or 10.1.0\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp;allow a local authenticated attacker to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emodify sensitive application components.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0\u00a0allow a local authenticated attacker to modify sensitive application components."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-75",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-75 Manipulating Writeable Configuration Files"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-10T18:52:17.010Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2024-8540"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-8540",
        "datePublished": "2024-12-10T18:52:17.010Z",
        "dateReserved": "2024-09-06T18:11:23.892Z",
        "dateUpdated": "2024-12-14T04:55:18.267Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-41724 (GCVE-0-2023-41724)

    Vulnerability from nvd – Published: 2024-03-31 01:45 – Updated: 2025-03-25 14:36
    VLAI
    Summary
    A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Sentry Affected: 9.19.0 , ≤ 9.19.0 (semver)
    Create a notification for this product.
    ivanti sentry Affected: 0 , ≤ 9.19.0 (semver)
        cpe:2.3:a:ivanti:sentry:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:sentry:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sentry",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThanOrEqual": "9.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41724",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-02T14:31:04.406728Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T14:36:27.737Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:01:35.551Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Sentry",
              "vendor": "Ivanti",
              "versions": [
                {
                  "lessThanOrEqual": "9.19.0",
                  "status": "affected",
                  "version": "9.19.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network. "
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-31T01:45:42.684Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2023-41724",
        "datePublished": "2024-03-31T01:45:42.684Z",
        "dateReserved": "2023-08-31T01:00:11.771Z",
        "dateUpdated": "2025-03-25T14:36:27.737Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-10523 (GCVE-0-2026-10523)

    Vulnerability from cvelistv5 – Published: 2026-06-09 14:16 – Updated: 2026-06-10 03:58
    VLAI
    Summary
    An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication bypass using an alternate path or channel
    Assigner
    Impacted products
    Vendor Product Version
    ivanti Sentry Unaffected: R10.5.2
    Unaffected: R10.6.2
    Unaffected: R10.7.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10523",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-10T03:58:55.720Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sentry",
              "vendor": "ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "R10.5.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.6.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.7.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An Authentication Bypass vulnerability (CWE-288)\u0026nbsp;in Ivanti\u0026nbsp;Sentry before the\u0026nbsp;R10.5.2, R10.6.2 and R10.7.1\u0026nbsp;versions\u0026nbsp;allows\u0026nbsp;a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access\u0026nbsp;"
                }
              ],
              "value": "An Authentication Bypass vulnerability (CWE-288)\u00a0in Ivanti\u00a0Sentry before the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288 Authentication bypass using an alternate path or channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T14:17:40.240Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2026-10523",
        "datePublished": "2026-06-09T14:16:41.255Z",
        "dateReserved": "2026-06-01T08:57:47.470Z",
        "dateUpdated": "2026-06-10T03:58:55.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-10520 (GCVE-0-2026-10520)

    Vulnerability from cvelistv5 – Published: 2026-06-09 14:10 – Updated: 2026-06-12 03:55
    Summary
    An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper neutralization of special elements used in an OS command ('OS command injection')
    Assigner
    Impacted products
    Vendor Product Version
    ivanti Sentry Unaffected: R10.5.2
    Unaffected: R10.6.2
    Unaffected: R10.7.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-10520",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-09T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-12T03:55:15.947Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-10520"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sentry",
              "vendor": "ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "R10.5.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.6.2"
                },
                {
                  "status": "unaffected",
                  "version": "R10.7.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An OS Command Injection vulnerability\u0026nbsp;in Ivanti\u0026nbsp;Sentry before\u0026nbsp;the\u0026nbsp;R10.5.2, R10.6.2 and R10.7.1\u0026nbsp;versions\u0026nbsp;allows\u0026nbsp;a remote unauthenticated user to achieve root-level remote code execution\u0026nbsp;"
                }
              ],
              "value": "An OS Command Injection vulnerability\u00a0in Ivanti\u00a0Sentry before\u00a0the\u00a0R10.5.2, R10.6.2 and R10.7.1\u00a0versions\u00a0allows\u00a0a remote unauthenticated user to achieve root-level remote code execution"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper neutralization of special elements used in an OS command (\u0027OS command injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T14:10:21.581Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2026-10520",
        "datePublished": "2026-06-09T14:10:21.581Z",
        "dateReserved": "2026-06-01T08:47:35.793Z",
        "dateUpdated": "2026-06-12T03:55:15.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-8540 (GCVE-0-2024-8540)

    Vulnerability from cvelistv5 – Published: 2024-12-10 18:52 – Updated: 2024-12-14 04:55
    VLAI
    Summary
    Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local authenticated attacker to modify sensitive application components.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Sentry Unaffected: 9.20.2 (custom)
    Unaffected: 10.0.2 (custom)
    Unaffected: 10.1.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-13T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-14T04:55:18.267Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Sentry",
              "vendor": "Ivanti",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "9.20.2",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "10.0.2",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "10.1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsecure permissions in Ivanti Sentry \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ebefore versions 9.20.2 and 10.0.2 or 10.1.0\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp;allow a local authenticated attacker to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emodify sensitive application components.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
                }
              ],
              "value": "Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0\u00a0allow a local authenticated attacker to modify sensitive application components."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-75",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-75 Manipulating Writeable Configuration Files"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-10T18:52:17.010Z",
            "orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
            "shortName": "ivanti"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2024-8540"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
        "assignerShortName": "ivanti",
        "cveId": "CVE-2024-8540",
        "datePublished": "2024-12-10T18:52:17.010Z",
        "dateReserved": "2024-09-06T18:11:23.892Z",
        "dateUpdated": "2024-12-14T04:55:18.267Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-41724 (GCVE-0-2023-41724)

    Vulnerability from cvelistv5 – Published: 2024-03-31 01:45 – Updated: 2025-03-25 14:36
    VLAI
    Summary
    A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Ivanti Sentry Affected: 9.19.0 , ≤ 9.19.0 (semver)
    Create a notification for this product.
    ivanti sentry Affected: 0 , ≤ 9.19.0 (semver)
        cpe:2.3:a:ivanti:sentry:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:ivanti:sentry:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sentry",
                "vendor": "ivanti",
                "versions": [
                  {
                    "lessThanOrEqual": "9.19.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-41724",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-02T14:31:04.406728Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T14:36:27.737Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:01:35.551Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Sentry",
              "vendor": "Ivanti",
              "versions": [
                {
                  "lessThanOrEqual": "9.19.0",
                  "status": "affected",
                  "version": "9.19.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network. "
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-31T01:45:42.684Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "url": "https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2023-41724",
        "datePublished": "2024-03-31T01:45:42.684Z",
        "dateReserved": "2023-08-31T01:00:11.771Z",
        "dateUpdated": "2025-03-25T14:36:27.737Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }