RedLegg

Critical Ivanti Sentry Alert (CVE-2026-10520, CVE-2026-10523):
Two critical flaws enable unauthenticated attackers to bypass authentication and execute commands with root privileges. While exploitation hasn’t been observed in the wild, a public proof-of-concept is available.

• Upgrade to patched versions (10.5.2 / 10.6.2 / 10.7.1)
• Prioritize internet-facing appliances
• Review logs for suspicious access or changes

Security Bulletin: Multiple Vulnerabilities Affecting Ivanti Sentry Critical Ivanti Sentry flaws (CVE-2026-10520, CVE-2026-10523) allow auth bypass and remote root command ex*****on. Patch immediately.

Security Bulletin: Check Point VPN Authentication Bypass — Check Point Remote Access VPN, Mobile Access / SSL VPN, and Spark Firewall deployments using IKEv1 (CVE-2026-50751) contain a critical vulnerability that may allow attackers to bypass authentication and gain unauthorized remote access. CVSS http://9.3.

Check Point confirmed active exploitation in the wild, and the vulnerability has been added to CISA's KEV catalog. Successful exploitation may provide attackers with a foothold for lateral movement, persistence, and further compromise of internal environments.
Organizations should immediately apply Check Point hotfixes, identify systems using IKEv1, migrate to IKEv2 where possible, review VPN authentication activity, and investigate for signs of unauthorized access.

Security Bulletin: Check Point VPN Authentication Bypass Vulnerability Check Point VPN vulnerability (CVE-2026-50751) allows authentication bypass in IKEv1 VPN deployments. Actively exploited and listed in CISA KEV. Patch immediately.

Are your security operations built to act on early signals?

Most environments generate constant activity.

Which signals indicate real risk?
What action should follow?

That’s where delays happen.

Signals without context slow teams down.
Context without action doesn’t reduce risk.

The teams that reduce impact are the ones that evaluate signals quickl, and move with confidence.

See how detection and response are handled in practice:
https://hubs.li/Q04h19Nl0

Security Bulletin: Cisco Catalyst SD-WAN Manager (CVE-2026-20245) is seeing active exploitation. Attackers with netadmin access can escalate privileges to root and push malicious configs to edge devices.

• Upgrade to patched versions
• Audit config changes and logs
• Restrict and monitor admin access

Security Bulletin: Authenticated Privilege Escalation Vulnerability in Cisco Catalyst SD-WAN Manager CVE-2026-20245 is a Cisco SD-WAN Manager privilege escalation flaw with active exploitation. Patch immediately and monitor for unauthorized configuration changes.