IOC Radar
TLP:WHITE2 IOCs

Critical Vulnerabilities in Ivanti Sentry Allows Code Execution as Root (CVE-2026-10520 & CVE-2026-10523)

TR
Truesec
Published June 12, 2026Original Report

Diamond Model

Attack Flow6 steps · MITRE ATT&CK mapped

Initial AccessTA0001·T1190
1/6
Exploit Public-Facing Application
ActionExploit command injection vulnerability
An unauthenticated remote attacker exploits an OS command injection vulnerability (CVE-2026-10520) in Ivanti Sentry.

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise2

TypeIndicatorConfidenceScoreFirst Seen
CVECVE-2026-10520
exploitintel-blogvulnerability
Medium
54
Jun 12, 26
CVECVE-2026-10523
exploitintel-blogmalware
Medium
54
Jun 12, 26

IOC Relationship Graph

IOC Relationship Graph2 total IOCs
CVE
CVE2REPORTCritical Vulnerabilities i
scroll to zoom · drag to pan · click IOC to open