A critical vulnerability in Ivanti Sentry, tracked as CVE-2026-10520, has been exploited by attackers to execute code with root privileges on exposed secure mobile gateways, despite the company having released a patch. Security organization Shadowserver reported that many of these gateways have already been compromised, urging users who have not updated to take immediate action.
The most valuable insight for a cybersecurity professional from this content is the urgent need to patch the Ivanti Sentry vulnerability, CVE-2026-10520, immediately. This maximum-severity flaw is being actively exploited to execute code with root privileges, compromising Internet-exposed secure mobile gateways, and could serve as an entry point into enterprise networks for data theft. Prioritize securing these gateways to prevent potential breaches.