ГлавнаяУязвимости → CVE-2026-10520
10критическая

CVE-2026-10520

Описание

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

Затрагиваемое ПО
Ivanti Standalone sentry
CVSS
Балл10 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_UShttps://github.com/watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-10520