AMI Security Center

Committed to providing the highest level of security in our products, with our AMI Security Team standing by for a rapid response.

AMI Firmware Security Team

With its BIOS, BMC and Tektagon firmware products deployed on a majority of computing systems across the globe, AMI is deeply committed to its role as a leader in firmware security. The company has established an in-house firmware security team to enable it to rapidly respond to security issues as they arise and provide recommendations to its OEM/ODM customers, as well as the industry at large, through AMI Security Advisories and other communication channels.

AMI Security Advisories

Security Advisories from AMI provide fixes or workarounds for potential vulnerabilities associated with AMI products. AMI continuously works with customers and partners to provide timely updates to help mitigate security vulnerabilities. For customers who have questions related to security advisories, please contact AMI Sales Representative.

AMI Security Advisories:

Document and CVE #s to be provided when available

January 30, 2023
Vulnerabilities CVSS Score AMI Security Advisory Published Date Last Revised
CVE-2022-40258 5.3 AMI-SA-2023001 1/30/23 2/01/23
CVE-2022-26872 8.3 AMI-SA-2023001 1/30/23 2/01/23
CVE-2022-40259 9.9 AMI-SA-2023001 1/30/23 2/01/23
CVE-2022-2827 7.5 AMI-SA-2023001 1/30/23 2/01/23
CVE-2022-40242 9.7 AMI-SA-2023001 1/30/23 2/01/23
December 20, 2022
Vulnerabilities CVSS Score AMI Security Advisory Published Date Last Revised
CVE-2021-44769 4.9 AMI-SA-2022001 12/20/22 12/20/22
CVE-2021-46279 5.8 AMI-SA-2022001 12/20/22 12/20/22
CVE-2021-45925 5.3 AMI-SA-2022001 12/20/22 12/20/22
CVE-2021-4228 5.8 AMI-SA-2022001 12/20/22 12/20/22

Report a Security Issue to AMI

Please provide as much information as possible, including:

  • The products and versions affected.
  • A detailed description of the vulnerability.
  • Information on known exploits.
Aptio UEFI BIOS Firmware

If you have information about a security issue or vulnerability with a BIOS Product from AMI, please send an email to the AMI BIOS Security Team at [email protected]. For added security, we recommend using AMI’s provided Encryption Key to encrypt sensitive information before sending. A member of the BIOS Security Team will review your email and contact you to collaborate on resolving the issue.

MegaRAC BMC Firmware

If you have information about a security issue or vulnerability with a MegaRAC Product from AMI, please send an email to the AMI MegaRAC Security Team at [email protected]. For added security, we recommend using AMI’s provided Encryption Key to encrypt sensitive information before sending. A member of the MegaRAC Security Team will review your email and contact you to collaborate on resolving the issue.

Tektagon Firmware

If you have information about a security issue or vulnerability with a Tektagon Product from AMI, please send an email to the AMI Tektagon Security Team at . For added security, we recommend using AMI’s provided Encryption Key to encrypt sensitive information before sending. A member of the Tektagon Security Team will review your email and contact you to collaborate on resolving the issue.

Security Artices

Encryption Key for Secure Data Transmission

AMI recommends that you encrypt sensitive information to protect it from being viewed by unintended recipients. AMI can exchange emails with you using encryption. AMI highly suggests that you encrypt and decrypt email communications between AMI and yourself using an email client that supports encryption.

It is good security practice that you only trust validated encryption keys. Do not trust encryption keys that have not been validated. It is important to also validate your copy of the AMI public encryption key to ensure it is legitimate.

AMI Security Team Key Information

  • User-ID: AMI Product Security Incident Response Team  [email protected]
  • Created: 12/16/2022 5:52 PM
  • Expires: 12/16/2024 12:00 PM
  • Type: 2048-bit RSA (secret key available)
  • Usage:  Signing, Encryption, Certifying User-IDs
  • Fingerprint: 8AC7EBE6D9FBB2762FBD96605A0C97566041B6BC

Please note that this encryption key is for both the MegaRAC and BIOS security. However, please use the AMI Security Team Key Information as provided above.