This week’s release introduces new managed protection to address a critical pre-authentication OS command injection vulnerability in Ivanti Sentry (CVE-2026-10520).
Key Findings
- CVE-2026-10520: An OS command injection vulnerability in Ivanti Sentry allows remote, unauthenticated attackers to execute arbitrary system commands with root privileges. The flaw stems from improper sanitization of input strings parsed during internal configuration handling.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | 500a90789f874345b60b0de7242fdf83 | N/A | Ivanti Sentry – Command Injection – CVE:CVE-2026-10520 | Log | Block | This is a new detection. |
Source: Cloudflare
Latest Posts
- (Updated) Action required: Update Teams Rooms app to maintain PowerPoint Live functionality [MC1332812]
- (Updated) Microsoft Teams: Granular channel notification settings [MC1388719]
- (Updated) Microsoft Teams: Enhanced peripheral data in Pro Management portal reports for BYOD spaces [MC1090689]
- (Updated) Microsoft Teams: Enhanced bookable desk experience with Teams panel based desk devices [MC1330887]
![(Updated) Microsoft Teams: Digital signage support for Teams panels [MC1311979]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-pixabay-301599-150x150.webp "(Updated) Microsoft Teams: Digital signage support for Teams panels [MC1311979] 7")