Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway, including a maximum-severity bug that allows remote code execution as root. This is the kind of vulnerability that keeps CISOs up at night.
Sentry sits at a critical junction—it gates secure mobile access to internal enterprise resources. Root-level compromise here doesn’t just mean one more server on the incident response checklist. It potentially hands an attacker control over mobile device management and every internal application behind the gateway.
Check your Sentry version against Ivanti’s advisory and patch today. While you’re in there, scan authentication logs for any sign of prior access. This one’s a fire drill, not a planning exercise.
Source: Bleeping Computer
