CVE-2026-10523
Ivanti · Sentry
An authentication bypass vulnerability in Ivanti Sentry allows unauthenticated attackers to create arbitrary administrative accounts and gain full access.
Executive summary
An authentication bypass in Ivanti Sentry enables unauthenticated attackers to create administrative accounts, granting them full control over the appliance.
Vulnerability
This vulnerability (CWE-288) allows an unauthenticated remote attacker to bypass authentication mechanisms, create new administrative user accounts, and obtain full administrative privileges within the system.
Business impact
The CVSS score of 9.9 underscores the severe business impact of this vulnerability. By bypassing authentication, attackers can gain complete control over the appliance, potentially leading to unauthorized data access, network disruption, and the ability to maintain persistence within the network. This is particularly dangerous when coupled with the command injection vulnerability (CVE-2026-10520).
Remediation
Immediate Action: Update Ivanti Sentry to version R10.5.2, R10.6.2, R10.7.1, or higher to close the authentication bypass flaw.
Proactive Monitoring: Audit existing administrative accounts for unauthorized entries or recently created unknown users.
Compensating Controls: Limit access to the management interfaces of Ivanti Sentry to trusted management subnets and verify the integrity of administrative logs.
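One way to triage an appliance inventory against the fixed releases listed above, as an added example that is not Ivanti's code. It assumes the listed versions are per-branch fixes (so a plain "greater than R10.5.2" comparison would wrongly pass R10.6.1 and R10.7.0); the hostnames, status labels and sample inventory are constructed for illustration.

```python
import re

# Fixed releases named in the advisory, keyed by (major, minor) branch.
# Assumption: each listed version is the minimum fixed patch level of its branch.
FIXED = {(10, 5): 2, (10, 6): 2, (10, 7): 1}


def parse_version(text):
    """Parse 'R10.6.1' or '10.6.1' into (10, 6, 1); return None if unparseable."""
    m = re.fullmatch(r"\s*R?(\d+)\.(\d+)\.(\d+)\s*", text, re.IGNORECASE)
    return tuple(int(g) for g in m.groups()) if m else None


def classify(version_text):
    """Return a status label (hypothetical names) for one reported version."""
    v = parse_version(version_text)
    if v is None:
        return "unparseable"
    branch, patch = v[:2], v[2]
    if branch in FIXED:
        return "fixed" if patch >= FIXED[branch] else "needs_update"
    if branch > max(FIXED):
        return "fixed"  # newer than the highest branch the advisory lists
    # Older branch: the advisory names no fixed release for it.
    return "no_fix_listed"


def triage(inventory):
    """Map each host to its status; inventory is an iterable of (host, version)."""
    return {host: classify(version) for host, version in inventory}


# Constructed sample inventory (not real hosts).
SAMPLE = [
    ("sentry-a.example.internal", "R10.5.2"),
    ("sentry-b.example.internal", "R10.6.1"),
    ("sentry-c.example.internal", "R10.7.0"),
    ("sentry-d.example.internal", "R10.4.9"),
    ("sentry-e.example.internal", "unknown"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as `needs_update` or `no_fix_listed` are the ones to move to a listed release first; `unparseable` entries need a manual version check.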
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
This vulnerability represents a total failure of access controls. It is imperative that administrators apply the provided updates immediately to prevent unauthorized administrative takeover of the appliance. Failure to do so leaves the organization highly vulnerable to persistent, high-level unauthorized access.