ATLAS · LIVE
ATLAS INDEX
Δ 24H
ACTIVE SOURCES20
HOTSPOTS20
TIME21:39:17 UTC
← All briefs
CRITICALCyber IntelligenceThursday, June 11, 2026

Ivanti Sentry flaw under active exploit with root access

Attackers are exploiting a maximum-severity vulnerability in Ivanti Sentry gateways, gaining root-level code execution on Internet-facing systems.

A recently patched critical vulnerability in Ivanti Sentry is now being exploited in the wild. The flaw allows attackers to execute arbitrary code with root privileges on exposed secure mobile gateways.

Ivanti Sentry functions as a gateway for secure mobile access to enterprise resources. The vulnerability affects Internet-exposed instances, creating a direct pathway for attackers to compromise gateway infrastructure with the highest level of system access. Root privileges grant complete control over affected devices, enabling data exfiltration, lateral movement, and persistent access.

The vulnerability carries a maximum severity rating. Ivanti released patches prior to active exploitation being observed, but organizations that have not yet applied updates remain exposed. The window between patch release and active exploitation continues to narrow across enterprise software vulnerabilities.

The rest of this brief is inside the platform

Continue reading. Free.

A free Atlas account unlocks the full briefing, the co-analyst, daily delivery to your inbox, and a sector-personalised feed.

Full brief
Implications, sources, methodology
Co-Analyst
Ask follow-ups on every brief
Sector feed
Briefs filtered to what matters to you
Implications
  • 01Organizations using Ivanti Sentry face immediate risk of root-level compromise on gateway infrastructure.
  • 02Unpatched instances provide attackers direct access to enterprise mobile gateway environments.
  • 03Security teams must prioritize emergency patching or network isolation for exposed Sentry deployments.
  • 04Incident response teams should audit Sentry logs for indicators of compromise dating to patch release.
Source
BleepingComputer
https://www.bleepingcomputer.com/news/security/max-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks/
Brief is editorial commentary by Atlas Intelligence based on the cited public reporting. Atlas does not reproduce source text. Verify primary source before action.
#ivanti#vulnerability#exploitation#gateway#root access#patching
Related Briefs