A dangerous new technique that allows attackers to completely bypass SentinelOne’s Endpoint Detection and Response (EDR) solution has been identified by Aon’s Cyber Labs. Robert Fernades has issued a warning about this vulnerability, emphasizing immediate action for organizations using the popular security solution.

The BYOI Attack: How It Works

The newly identified attack method, known as BYOI (Bring Your Own Installer), exploits a critical vulnerability in SentinelOne’s agent upgrade/downgrade process. This sophisticated technique allows attackers to bypass the EDR’s anti-tamper protections, leaving endpoints completely exposed to further compromise.

According to forensic analysis conducted by Stroz Friedberg, the attack works as follows:

  1. An attacker first gains local administrative access to a system (in the documented case, through exploitation of an application CVE on a publicly-accessible server)
  2. The attacker then deploys multiple versions of legitimate signed SentinelOne installer files, specifically targeting versions 23.4.4.223 and 23.4.6.347
  3. By manipulating the installation process between these versions, the attacker triggers multiple ProductVersion changes within approximately a 10-minute period
  4. The final step executes an “unload” command, effectively disabling SentinelOne’s protection

Key Forensic Indicators of Compromise

Security teams should be on high alert for the following indicators that may suggest this technique has been employed:

  • Creation of multiple legitimate SentinelOne installer files (specifically SentinelOneInstaller_windows_64bit_v23_4_4_223.exe and SentinelInstaller_windows_64bit_v23_4_6_347.msi)
  • EventID 1 entries in SentinelOne Operational logs showing rapid version changes between 23.4.4.223 and 23.4.6.347
  • EventID 93 with CommandType “unload” as the final event in SentinelOne logs
  • EventID 1042 in Application logs showing “MsiInstaller Installer Exited for SentinelInstaller.msi”
  • Additional evidence including scheduled task modifications, service disruptions, and local firewall configuration changes

This vulnerability represents a concerning development in the ongoing arms race between security vendors and threat actors. SentinelOne has acknowledged the issue and has been working with Stroz Friedberg to disclose this attack pattern to other EDR vendors, suggesting similar vulnerabilities may exist across multiple security products.

Critical Mitigation: Enable “Online Authorization” Immediately

SentinelOne has provided a straightforward mitigation that all customers should implement immediately:

  1. Access the SentinelOne management console
  2. Navigate to the Sentinels Policy menu
  3. Enable the “Online authorization” feature

This setting prevents local upgrades and downgrades of the SentinelOne agent, effectively blocking the attack vector. Critically, this feature is not enabled by default in SentinelOne deployments, leaving many organizations vulnerable unless they take action.

Expert Recommendations

In addition to enabling Online Authorization, security experts recommend:

  1. Audit SentinelOne Version History: Review logs for any suspicious version changes that may indicate a previous compromise
  2. Limit Administrative Access: Restrict local administrator privileges to minimize the initial access vector
  3. Layer Security Controls: Avoid relying solely on any single EDR solution
  4. Monitor for Unusual Installer Activity: Implement alerting for unexpected legitimate installer deployments
  5. Engage with SentinelOne Support: Contact your SentinelOne representative for additional guidance specific to your environment
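The forensic indicators listed above and the first recommendation (auditing the agent's version history) describe the same detection: a burst of ProductVersion changes inside roughly ten minutes, followed by an "unload" command. The script below is an added example of that audit logic, not code from the article, from Aon/Stroz Friedberg, or from SentinelOne. The event records are constructed, and the field names (event_id, time, product_version, command_type) are assumptions about how a log collector has parsed the SentinelOne Operational log; map them to your own pipeline. It generalizes slightly beyond the text: it flags any rapid flip-flop of versions, since the pattern rather than the two specific version numbers is the signal, and only annotates whether the versions named in the report were involved.

```python
"""Detect the BYOI version-flip pattern in parsed SentinelOne agent events.

Added example (not the article's or vendor's code).  Field names and the
sample records are assumptions/constructed data for illustration.
"""
from datetime import datetime, timedelta

# Installer versions named in the forensic report (used only for annotation).
KNOWN_BYOI_VERSIONS = {"23.4.4.223", "23.4.6.347"}
WINDOW = timedelta(minutes=10)  # report: multiple version changes within ~10 minutes
MIN_CHANGES = 2                 # one planned upgrade is normal; repeated flips are not


def _ts(event):
    """Parse the assumed 'time' field into a datetime."""
    return datetime.strptime(event["time"], "%Y-%m-%d %H:%M:%S")


def version_changes(events):
    """Return (time, old_version, new_version) for every EventID 1 record whose
    ProductVersion differs from the previous EventID 1 record."""
    changes = []
    prev = None
    for e in sorted((e for e in events if e["event_id"] == 1), key=_ts):
        if prev is not None and e["product_version"] != prev:
            changes.append((_ts(e), prev, e["product_version"]))
        prev = e["product_version"]
    return changes


def detect_byoi(events):
    """Return a list of findings.  A finding is raised for any run of MIN_CHANGES
    or more version changes inside WINDOW; severity is 'high' when an EventID 93
    'unload' follows the burst, which is the final step of the documented attack."""
    changes = version_changes(events)
    unloads = sorted(
        _ts(e) for e in events
        if e["event_id"] == 93 and e.get("command_type", "").lower() == "unload"
    )
    findings = []
    i = 0
    while i < len(changes):
        start = changes[i][0]
        burst = [c for c in changes[i:] if c[0] - start <= WINDOW]
        if len(burst) < MIN_CHANGES:
            i += 1
            continue
        end = burst[-1][0]
        unload_after = next((t for t in unloads if end <= t <= end + WINDOW), None)
        versions = {v for c in burst for v in c[1:]}
        findings.append({
            "start": start,
            "end": end,
            "changes": len(burst),
            "known_versions": bool(versions & KNOWN_BYOI_VERSIONS),
            "unload_at": unload_after,
            "severity": "high" if unload_after else "medium",
        })
        i += len(burst)  # skip past this burst so it is reported once
    return findings


# Constructed sample records (not real log data).
BENIGN_EVENTS = [
    {"event_id": 1, "time": "2025-03-01 08:00:00", "product_version": "23.4.4.223"},
    {"event_id": 1, "time": "2025-03-01 08:03:00", "product_version": "23.4.6.347"},
]

ATTACK_EVENTS = [
    {"event_id": 1, "time": "2025-03-02 10:00:00", "product_version": "23.4.6.347"},
    {"event_id": 1, "time": "2025-03-02 10:02:00", "product_version": "23.4.4.223"},
    {"event_id": 1, "time": "2025-03-02 10:04:00", "product_version": "23.4.6.347"},
    {"event_id": 1, "time": "2025-03-02 10:07:00", "product_version": "23.4.4.223"},
    {"event_id": 93, "time": "2025-03-02 10:09:00", "command_type": "unload"},
]

if __name__ == "__main__":
    print("benign:", detect_byoi(BENIGN_EVENTS))
    for finding in detect_byoi(ATTACK_EVENTS):
        print("attack:", finding)
```

The benign sequence (a single planned upgrade) produces no finding; the attack sequence yields one high-severity finding covering three version changes in five minutes with an unload two minutes later. Tune MIN_CHANGES and WINDOW to your environment, and treat a "medium" finding without a following unload as worth a look too, since a burst that stops short may be a failed or interrupted attempt.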

Industry Response

SentinelOne has responded proactively to this discovery, working with security researchers and providing clear mitigation guidance. The company’s transparent approach has been praised by security professionals.

The broader cybersecurity community is now examining other EDR solutions for similar vulnerabilities, as this technique potentially represents a new class of attacks against security tools.

Conclusion

The discovery of this SentinelOne bypass technique serves as a stark reminder that even sophisticated security tools can be vulnerable. Organizations using SentinelOne should take immediate action to enable the Online Authorization feature and implement additional security layers.

Author

Editorial Team
The Editorial Team at Security Land is comprised of experienced professionals dedicated to delivering insightful analysis, breaking news, and expert perspectives on the ever-evolving threat landscape.