Technical description
Ivanti Sentry (formerly MobileIron Sentry) contains a pre-authenticated OS command injection vulnerability (CWE-78, CVSS 10.0) in the /mics/api/v2/sentry/mics-config/handleMessage endpoint. The Spring Boot controller accepts a user-supplied 'message' parameter and passes it unsanitised into a configuration-handling service, allowing a remote unauthenticated attacker to execute arbitrary OS commands with root privileges. Ivanti disclosed the flaw on June 9 alongside CVE-2026-10523 (authentication bypass, CVSS 9.9). WatchTowr published a full technical analysis and PoC on June 10. Shadowserver observed active exploitation and two backdoored instances within 24 hours of PoC release.
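The following is an added illustration of the CWE-78 pattern described above (a request parameter concatenated into an OS command) next to a hardened form that validates the input and passes an argv list without a shell. It is not Ivanti's code and does not reproduce the real controller: the helper tool (`echo` stands in for whatever the service would invoke), the parameter grammar and the allowlist are assumptions made for the example, and it assumes a POSIX system where `echo` is on PATH.

```python
import re
import subprocess

# Constructed illustration of the CWE-78 pattern (untrusted 'message' reaching an
# OS command unsanitised) beside a hardened version. Not Ivanti's code: the tool,
# the parameter name and the allowed grammar are assumptions for this example.
# "echo" stands in for the configuration tool the real service would invoke.
CONFIG_TOOL = "echo"

# Assumed allowlist for the 'message' field: a short identifier-like token.
MESSAGE_RE = re.compile(r"[A-Za-z0-9_.:-]{1,64}")

# Characters a POSIX shell treats as command syntax rather than data.
SHELL_METACHARS = ";|&`$()<>\n"


def build_command_unsafe(message: str) -> str:
    """CWE-78 pattern: the untrusted parameter is concatenated into a single
    command line destined for a shell. Returned as a string and never executed
    here, so the injected tokens can be inspected."""
    return f"{CONFIG_TOOL} --message {message}"


def contains_shell_metachar(cmdline: str) -> bool:
    """Review helper: would a shell treat part of this line as extra commands?"""
    return any(c in cmdline for c in SHELL_METACHARS)


def is_message_allowed(message: str) -> bool:
    """Allowlist check: only the expected grammar passes. Anything else is rejected
    outright rather than 'escaped'."""
    return MESSAGE_RE.fullmatch(message) is not None


def build_command_safe(message: str) -> list:
    """Hardened form: validate first, then hand the tool an argv list. With
    shell=False the arguments go to the program directly, so metacharacters in the
    input are data, not syntax."""
    if not is_message_allowed(message):
        raise ValueError("message rejected by allowlist")
    return [CONFIG_TOOL, "--message", message]


def run_config_command(message: str) -> str:
    """Execute the hardened form and return the tool's stdout."""
    result = subprocess.run(build_command_safe(message), shell=False,
                            capture_output=True, text=True, check=True)
    return result.stdout


if __name__ == "__main__":
    injected = "sync; echo injected"          # constructed input with a metacharacter
    unsafe_line = build_command_unsafe(injected)
    print("unsafe line :", unsafe_line,
          "| shell metacharacters present:", contains_shell_metachar(unsafe_line))
    print("allowed?    :", is_message_allowed(injected))
    print("safe argv   :", build_command_safe("sync"))
    print("safe output :", run_config_command("sync").strip())
```

The point of the hardened form is that the fix is two independent controls, an allowlist on the value and no shell on the execution path; either alone is weaker than both together.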
Attack vector
Unauthenticated HTTP POST to /mics/api/v2/sentry/mics-config/handleMessage, exploitable from the internet wherever the Sentry management interface is reachable. No authentication, device fingerprinting, or other preconditions are required. Attackers had Ivanti asset inventories pre-staged and began exploiting immediately once the PoC was available.
Affected systems
Ivanti Sentry versions 10.5.1, 10.6.1, 10.7.0 and all prior versions. Sentry acts as an in-line mobile-to-enterprise gateway for email, VPN, and application traffic and is typically internet-facing.
Mitigation
Upgrade to Ivanti Sentry R10.5.2, R10.6.2, or R10.7.1 immediately. Federal agencies must remediate by June 14 per CISA BOD 26-04. WatchTowr has released a detection script. Before patching, perform compromise checks per BOD 26-04 guidance: patching closes the entry point but does not evict an attacker who is already present. Prioritise internet-facing instances.
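As an added triage example covering both the affected-version list above and the mitigation order (compromise checks before patching, internet-facing first), the script below classifies a reported Sentry version against the fixed releases named here and scans web access logs for POSTs to the handleMessage endpoint, flagging those from external sources. It is not WatchTowr's detection script and not Ivanti tooling; the combined access-log format, the internal address ranges and the sample log lines are assumptions or constructed data, and a hit on the endpoint is a lead for analyst review, not proof of compromise, since the page does not say whether legitimate clients call it.

```python
import ipaddress
import re
from typing import Optional

# Fixed releases named in the advisory, keyed by branch: R10.5.2, R10.6.2, R10.7.1.
FIXED_BY_BRANCH = {(10, 5): (10, 5, 2), (10, 6): (10, 6, 2), (10, 7): (10, 7, 1)}

# Endpoint named in the advisory.
ENDPOINT = "/mics/api/v2/sentry/mics-config/handleMessage"

# Address space treated as internal for prioritisation (assumption: adjust to your estate).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Combined-format access log line (the log format is an assumption for this example).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_version(version: str) -> tuple:
    """'R10.6.1', '10.6.1' or '10.6' -> (10, 6, 1) / (10, 6, 0)."""
    parts = tuple(int(p) for p in version.strip().lstrip("Rr").split("."))
    return parts + (0,) * (3 - len(parts))


def is_affected(version: str) -> Optional[bool]:
    """True if affected, False if at or beyond the fixed release for its branch,
    None if the branch is newer than the advisory describes."""
    v = parse_version(version)
    branch = v[:2]
    if branch < (10, 5):
        return True                     # "all prior versions" are affected
    fixed = FIXED_BY_BRANCH.get(branch)
    if fixed is None:
        return None                     # e.g. 10.8.x: not covered by the advisory text
    return v < fixed


def is_external(ip: str) -> bool:
    """Source outside the internal ranges above, i.e. a request that reached the
    management interface from the internet."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)


def find_handlemessage_hits(lines) -> list:
    """Every POST to the handleMessage endpoint, with source and whether it was external."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] != ENDPOINT:   # ignore any query string
            continue
        hits.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"]),
                     "external": is_external(m["ip"])})
    return hits


def triage(version: str, lines) -> str:
    """One-line priority for an instance: vulnerable with external hits comes first."""
    hits = find_handlemessage_hits(lines)
    external = [h for h in hits if h["external"]]
    if is_affected(version) and external:
        return (f"P1: vulnerable {version}, {len(external)} external POST(s) to endpoint; "
                "run compromise checks before patching")
    if is_affected(version):
        return f"P2: vulnerable {version}, no external hits seen; patch and still review"
    return f"P3: {version} not in affected set; {len(hits)} hit(s) logged"


# Constructed sample log lines (not real traffic; documentation-range source IPs).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jun/2026:14:02:11 +0000] "POST /mics/api/v2/sentry/mics-config/handleMessage HTTP/1.1" 200 512 "-" "python-requests/2.31"
10.0.0.7 - - [10/Jun/2026:14:03:40 +0000] "GET /mics/ HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jun/2026:14:05:02 +0000] "POST /mics/api/v2/sentry/mics-config/handleMessage?x=1 HTTP/1.1" 500 0 "-" "curl/8.4.0"
192.168.1.20 - - [10/Jun/2026:14:06:13 +0000] "POST /mics/api/v2/sentry/mics-config/handleMessage HTTP/1.1" 200 512 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    for h in find_handlemessage_hits(SAMPLE_LOG):
        print(h)
    print(triage("10.6.1", SAMPLE_LOG))
```

Run it against your real access logs by replacing SAMPLE_LOG with the file's lines; a 10.8-style version returns None from is_affected on purpose, because the advisory text does not cover it and silently treating it as safe would be a guess.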