Hi, I have tried to log a support case but the page is constantly reloading therefore I need to post here. Our endpoint security product has detected the lmiinfo.sys as being an potentially unsafe application. Having looked into this, we can see a PoC to exploit this vulnerability for privilege escalation to SYSTEM permissions. https://github.com/alfarom256/LogMeInPoCHandleDup We have checked and there's no update available for the LogMeIn clients. Could you please confirm when this will be patched and whether there's any action required on our side? Files:C:/Program Files (x86)/LogMeIn/x64/lmiinfo.sys EAC1B9E1848DC455ED780292F20CD6A0C38A3406C:/Windows/System32/drivers/LMIInfo.sys EAC1B9E1848DC455ED780292F20CD6A0C38A3406C:/Windows/System32/drivers/LMIInfo.sys.000.bak EAC1B9E1848DC455ED780292F20CD6A0C38A3406 Thanks,

We having the same issue. Is there any update on this?

Hi Glen, I've only installed the update on one system so far, due to the issue I raised in my last post, but that system did pass an AV scan w/o a detection. Best,

HappyHippo Good to see you and thanks for calling this out. Our team is currently looking into this, we will post an update when we hear more.

Hi Kate,Do you have any update to share on this? We have also received the same for the rainfo.sys file from LogMeIn - I believe related to the same vulnerability.C:/Program Files (x86)/LogMeIn/x64/rainfo.sysD0415ADE5501A645D8A43A0A90AB32A312BD4605We kindly await for an update and hopefully a date for remediation.Thanks

Security Vulnerability within LMInfo.sys

SOSCOMP
New Contributor
9 months ago
Did you find resolution to this issue?
- GlennD
  GoTo Manager
  9 months ago
  SOSCOMP I've looked through the last 2 weeks of support tickets for any other customers reporting the same ESET issue and the couple that I have found all reported the issue was resolved after installing the update. AT this stage I think the best thing is for you to call support from one of your computers and go though the update process with a representative so they can observe, capture what happens and any other relevant details.
  - SOSCOMP
    New Contributor
    9 months ago
    Ok thanks for the help and suggestion! It appears it is fixing some but not others at this point.
SOSCOMP
New Contributor
9 months ago
Hi did your get a resolution to this? We have same issue -using ESET Endpoint
KateG
GoTo Moderator
10 months ago
HappyHippo Good to see you and thanks for calling this out.

Our team is currently looking into this, we will post an update when we hear more.
- HappyHippo
  Contributor
  9 months ago
  Hi Kate,
  
  Do you have any update to share on this? We have also received the same for the rainfo.sys file from LogMeIn - I believe related to the same vulnerability.
  
  C:/Program Files (x86)/LogMeIn/x64/rainfo.sys
  D0415ADE5501A645D8A43A0A90AB32A312BD4605
  
  We kindly await for an update and hopefully a date for remediation.
  
  Thanks
  - KateG
    GoTo Moderator
    9 months ago
    Hi lmiuser12, HappyHippo good to talk with you both.
    
    It’s currently being worked on still and we will begin releasing updates as they become ready. We have to test and make sure each component we update doesn’t introduce any new issues.
    
    I do understand this is of concern. I'll update as I learn further, please feel free to check in as well. Thanks!
- lmiuser12
  New Contributor
  9 months ago
  We having the same issue. Is there any update on this?
- HappyHippo
  Contributor
  9 months ago
  Thanks Kate.

Forum Discussion

Security Vulnerability within LMInfo.sys

Recent Discussions

Lines instead of screen on mobile app

I want Help with Remote Desktop File Transfer on LogMeIn Pro

connexion

Rainst.exe registry modification

MacOS Sequoia CONTROL+ALT+DELETE does not function.