CVE-2026-10523

CRITICAL

Ivanti Sentry - Authentication Bypass Using an Alternate Path or Channel


Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-10523. PoCs published by watchtowrlabs, HORKimhab.

AI-analyzed exploit summary: This repository contains a functional Python script that exploits CVE-2026-10520 and CVE-2026-10523 in Ivanti Sentry, demonstrating an authentication bypass and remote code execution vulnerability. The script sends a crafted request to execute system commands and extracts the output, confirming exploitation.

Description

An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before versions R10.5.2, R10.6.2 and R10.7.1 allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access.

Exploits (2)

github WORKING POC 2 stars
by watchtowrlabs · pythonpoc
https://github.com/watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523

This repository contains a functional Python script that exploits CVE-2026-10520 and CVE-2026-10523 in Ivanti Sentry, demonstrating an authentication bypass and remote code execution vulnerability. The script sends a crafted request to execute system commands and extracts the output, confirming exploitation.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Ivanti Sentry
No auth needed
Prerequisites: network access to the target Ivanti Sentry instance
devstral-2 · analyzed Jun 10, 2026

github WORKING POC
by HORKimhab · pythonpoc
https://github.com/HORKimhab/CVE-2026-10520-10523

The repository contains functional exploit code for CVE-2026-10520, targeting Ivanti Sentry. The PoC demonstrates command execution via a crafted POST request to the vulnerable endpoint, with both single-target and mass-scanning capabilities.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Ivanti Sentry
No auth needed
Prerequisites: network access to the target Ivanti Sentry instance
devstral-2 · analyzed Jun 11, 2026

Scores

CVSS v3 9.9
EPSS 0.0481
EPSS Percentile 90.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-288
Status published
Products (3)
ivanti/Sentry R10.5.2
ivanti/Sentry R10.6.2
ivanti/Sentry R10.7.1
Published Jun 09, 2026
Tracked Since Jun 09, 2026