
CISA Mandates Patching of Actively Exploited Ivanti Flaw


CVE-2026-10520 — a maximum-severity OS command injection in Ivanti's Sentry gateway — must be patched by Federal Civilian Executive Branch agencies within three days, the Cybersecurity and Infrastructure Security Agency ordered, after evidence emerged that attackers were already backdooring exposed devices.

CISA’s BOD 26-04 and the three-day deadline

The agency added CVE-2026-10520 to its Known Exploited Vulnerabilities Catalog and invoked Binding Operational Directive (BOD) 26-04, which requires rapid remediation when a vulnerability meets specified criteria. CISA told agencies to secure Ivanti Sentry instances within three days, noting that this class of vulnerability “is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.”

BOD 26-04, issued on Wednesday, supersedes and revokes BOD 19-02 and BOD 22-01 and requires federal teams to prioritize patching when an asset is publicly exposed, the flaw appears in CISA's KEV catalog, exploitation can be automated at scale, or successful exploitation grants attackers partial or total control of a targeted system.

The Ivanti Sentry flaw (CVE-2026-10520) and Ivanti’s public posture

The vulnerability, tracked as CVE-2026-10520, is an OS command injection in Ivanti's security gateway appliance (formerly MobileIron Sentry). Ivanti released patches for CVE-2026-10520; at the time of that advisory the company said it had “no evidence of in-the-wild exploitation.”

Ivanti has not updated its advisory to indicate that the vulnerability is under active exploitation, and, according to the report, an Ivanti spokesperson did not respond when BleepingComputer asked for further details on the ongoing attacks.

Shadowserver: exposed portals, public proof-of-concept, and backdoors

Security watchdog Shadowserver reported that attackers had already backdoored many Sentry gateways exposed online. Shadowserver now tracks “just over 50 Sentry admin portals exposed online,” but it cautioned its count is likely an undercount because organizations block its scanner—“While our detection is on the lowish side due to multiple Ivanti Sentry instances not reachable in our scans (blocklisted?), if you have not patched now you are most likely compromised.”

Shadowserver also reported a surge of exploitation attempts following publication of a public proof-of-concept: “We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today.” Taken together, that activity prompted CISA’s KEV addition and the three-day federal remediation order.

Context inside CISA’s recent emergency patching orders

Although BOD 26-04 is new, CISA in recent weeks used three-day directives to push rapid mitigation for other actively exploited flaws. The agency ordered federal agencies to patch a Check Point VPN zero-day, a high-severity Oracle WebLogic Server vulnerability exploited in the wild, and an actively exploited cPanel plugin flaw. CISA’s note here explicitly told stakeholders to “follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable.”

CISA has also repeatedly flagged Ivanti products in the past: over the past several years it has added 35 Ivanti vulnerabilities that were abused in attacks to its catalog, 12 of them targeted by ransomware gangs, which helps explain why CISA moved quickly once exploitation was confirmed.

How technologists, federal agencies, and procurement leaders are responding

  • Technologists and security teams: Patch immediately if your Ivanti Sentry instance is internet-exposed; CISA’s guidance places internet-exposure and KEV listing among the triggers for prioritized remediation. Shadowserver’s assessment that unpatched systems are “most likely compromised” raises urgency for incident triage where patches were not already applied.
  • Federal Civilian Executive Branch agencies: The three-day BOD 26-04 deadline applies specifically to FCEB agencies; they must evaluate each asset’s internet exposure and either apply patches per the directive or discontinue use where mitigations are unavailable, per CISA’s instruction.
  • Procurement and enterprise owners of Ivanti Sentry: Ivanti’s initial advisory did not reflect active exploitation when the vendor published patches, and Ivanti has not publicly updated that advisory despite reports of backdoors and active attacks—buyers and operators should treat the product as at-risk until clearer vendor guidance is issued.
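The four BOD 26-04 triggers listed above (public exposure, KEV listing, exploitation automatable at scale, exploitation granting partial or total control) and the three response paths (patch, discontinue use where mitigations are unavailable, open incident triage on exposed unpatched hosts) can be applied mechanically to an asset inventory. The script below is an added example, not CISA's, Ivanti's or BleepingComputer's code; the inventory and the KEV-style catalog records are constructed for illustration, the only real identifier being CVE-2026-10520 from the article, and the second catalog entry uses an obvious placeholder ID. It generalizes the Sentry case to any product with an open KEV entry.

```python
"""Triage an asset inventory against the BOD 26-04 prioritization triggers.

Added example (not CISA's or Ivanti's code). Assumes a flat inventory and a
KEV-style catalog; both are constructed below.
"""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class KevEntry:
    """One catalog record with the attributes BOD 26-04 asks about."""
    cve_id: str
    product: str
    automated_at_scale: bool      # exploitation can be automated at scale
    grants_control: bool          # exploitation grants partial/total control
    mitigation_available: bool    # a patch or mitigation exists


@dataclass(frozen=True)
class Asset:
    hostname: str
    product: str
    internet_exposed: bool
    patched_cves: frozenset       # CVE IDs already remediated on this host


# Constructed catalog. CVE-2026-10520 is the Ivanti Sentry flaw from the article;
# "CVE-0000-00000" is a placeholder for an unrelated entry with no mitigation.
KEV = (
    KevEntry("CVE-2026-10520", "Ivanti Sentry", automated_at_scale=True,
             grants_control=True, mitigation_available=True),
    KevEntry("CVE-0000-00000", "ExampleWiki", automated_at_scale=False,
             grants_control=False, mitigation_available=False),
)

# Constructed inventory of four hosts.
INVENTORY = (
    Asset("sentry-dmz-01", "Ivanti Sentry", True, frozenset()),
    Asset("sentry-lab-02", "Ivanti Sentry", False, frozenset()),
    Asset("sentry-hq-03", "Ivanti Sentry", True, frozenset({"CVE-2026-10520"})),
    Asset("wiki-int-01", "ExampleWiki", False, frozenset()),
)


def open_kev_entries(asset, catalog=KEV):
    """Catalog records for the asset's product that are not yet patched on it."""
    return [e for e in catalog
            if e.product == asset.product and e.cve_id not in asset.patched_cves]


def triage(asset, order_date, catalog=KEV, window_days=3):
    """Apply the BOD 26-04 triggers to one asset.

    Returns a dict with the action ("none", "patch" or "discontinue"), the
    triggers that fired, the remediation deadline, and whether incident triage
    is warranted (exposed and unpatched against a flaw that grants control).
    """
    entries = open_kev_entries(asset, catalog)
    if not entries:
        return {"action": "none", "reasons": [], "deadline": None,
                "incident_triage": False}
    reasons = []
    if asset.internet_exposed:
        reasons.append("asset is publicly exposed")
    for e in entries:
        reasons.append(f"{e.cve_id} is listed in the KEV catalog")
        if e.automated_at_scale:
            reasons.append(f"{e.cve_id}: exploitation can be automated at scale")
        if e.grants_control:
            reasons.append(f"{e.cve_id}: exploitation grants partial or total control")
    # Discontinue use when any open entry has no mitigation; otherwise patch.
    action = "patch" if all(e.mitigation_available for e in entries) else "discontinue"
    return {
        "action": action,
        "reasons": reasons,
        "deadline": order_date + timedelta(days=window_days),
        "incident_triage": asset.internet_exposed
                           and any(e.grants_control for e in entries),
    }


def triage_inventory(inventory=INVENTORY, order_date=date(2026, 1, 1), catalog=KEV):
    """Map hostname -> triage result for the whole inventory."""
    return {a.hostname: triage(a, order_date, catalog) for a in inventory}


if __name__ == "__main__":
    for host, result in triage_inventory().items():
        flag = " (open incident triage)" if result["incident_triage"] else ""
        print(f"{host}: {result['action']} by {result['deadline']}{flag}")
        for r in result["reasons"]:
            print(f"    - {r}")
```

The `order_date` is the day the directive is issued; the constructed run uses 1 January 2026 purely as an example and yields a 4 January deadline for the three-day window. Note that KEV listing alone is a trigger, so an internal, non-exposed Sentry host still gets a patch deadline; exposure only adds the incident-triage flag, mirroring Shadowserver's point that exposed unpatched gateways should be treated as likely compromised rather than merely vulnerable.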

Two facts stand out from the published record: CISA moved quickly to use its new BOD authority once exploitation was confirmed, and independent scanning points to broader compromise than the modest count of exposed portals would suggest. Ivanti released patches, Shadowserver reported active backdoors and a surge of exploitation tied to a public proof-of-concept, and Ivanti has neither publicly revised its advisory nor answered the follow-up queries reported by BleepingComputer. That leaves a clear operational question for defenders and federal teams alike: will unpatched instances be found and remediated within the three-day window, or will the backdoors already detected by third parties prove harder to purge?

Source: BleepingComputer