Ivanti
20 articles
U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
U.S.
Ivanti Sentry Exploitation Attempts Hitting Honeypots
The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation...
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S.
CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release
Attackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. ...
CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release
Attackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. ...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-10520 Ivanti Se...
Max severity Ivanti Sentry vulnerability now exploited in attacks
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed...
Ivanti Command Injection Flaw Exploited After PoC Code Release
Ivanti Sentry is facing active exploitation attempts following the public release of proof-of-concept (PoC) code targeting a critical OS command injection vu...
Ivanti releases patches for critical Sentry vulnerabilities
The vulnerabilities, tracked as CVE-2026-10520 and CVE-2026-10523, affect Ivanti Sentry, formerly MobileIron Sentry, which secures traffic between corporate ...
Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)
Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away....
CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry
Overview On June 9, 2026, Ivanti published a security advisory for two critical vulnerabilities affecting Ivanti Sentry (formerly known as MobileIron Sentry)...
Ivanti: Max severity Sentry flaw allows code execution as root
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers...
Most pros have seen AI hallucinations in IT operations
Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without wait...
Ivanti ITSM Flaw Could Allow Attackers to Escalate to Admin Access
Ivanti has patched a high-severity vulnerability in its Ivanti Neurons for ITSM platform that could allow authenticated attackers to escalate privileges and ...
ZDI-26-308: Ivanti Endpoint Manager RemoteControlAuth Exposed Dangerous Method Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. Although authentication is...
Five new holes, one exploited, found in Ivanti Endpoint Manager Mobile
The five new vulnerabilities discovered in Ivanti’s on-premises mobile endpoint management solution are a “classic example of the legacy trap” that CSOs must...
Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days
The actively exploited flaw enables remote admin users to execute arbitrary code.
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
CISA has given U.S.
Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)
Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploite...