www.belgium.be Logo of the federal government

Warning: Critical Remote Code Execution Vulnerability For Ivanti Standalone Sentry Appliances

Advisory #2024-45
Affected software: 
Ivanti Standalone Sentry versions 9.17.0, 9.18.0, and 9.19.0
Remote Code Execution (RCE)

CVE-2023-41724: CVSS 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)




CVE-20241724 is a critical remote code execution (RCE) vulnerability affecting Ivanti Standalone Sentry.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network. This would highly affect the confidentiality, integrity, and availability.

There is no available information yet about the vulnerabilities being exploited in the wild by threat actors.


Ivanti Standalone Sentry is an appliance that acts as a gateway between devices and an organisation’s backend enterprise systems.

Ivanti has released security updates for a remote code execution vulnerability affecting Ivanti Standalone Sentry. This vulnerability affects all supported versions 9.17.0, 9.18.0, and 9.19.0. However, older versions are also at risk.

The successful exploitation of CVE-2024-41724, could enable an unauthenticated attacker on the same network as the affected system to execute arbitrary commands on the underlying system.

Recommended Actions


The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.


The CCB recommends organisations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://cert.be/en/report-incident

While patching appliances to the newest version may provide safety from future exploitation, it does not remediate historic compromise.