Security Center

Report a BIOS or BMC Firmware Security Issue to AMI

Committed to providing the highest level of security in our products, with our AMI Security Team standing by for a rapid response

AMI Firmware Security Team

With its BIOS and BMC firmware products deployed on a majority of computing systems across the globe, AMI is deeply committed to its role as a leader in firmware security. The company has established an in-house firmware security team to enable it to rapidly respond to security issues as they arise and provide recommendations to its OEM/ODM customers, as well as the industry at large, through AMI Security Advisories and other communication channels.

AMI Security Advisories

For AMI OEM/ODM customers, we request that you contact your AMI Sales Representative for the latest Security Advisory information from AMI. When necessary, AMI Security Advisories provide fixes or workarounds for potential vulnerabilities associated with AMI's BIOS products.

Report a Security Issue to AMI

Please provide as much information as possible, including:

  • The products and versions affected.
  • A detailed description of the vulnerability.
  • Information on known exploits.

Aptio UEFI BIOS Firmware

If you have information about a security issue or vulnerability with a BIOS Product from AMI, please send an email to the AMI BIOS Security Team at [email protected]. For added security, we recommend using AMI's provided Encryption Key to encrypt sensitive information before sending. A member of the BIOS Security Team will review your email and contact you to collaborate on resolving the issue.

MegaRAC BMC Firmware

If you have information about a security issue or vulnerability with a MegaRAC Product from AMI, please send an email to the AMI MegaRAC Security Team at megar[email protected]. For added security, we recommend using AMI's provided Encryption Key to encrypt sensitive information before sending. A member of the MegaRAC Security Team will review your email and contact you to collaborate on resolving the issue.

Encryption Key for Secure Data Transmission

AMI recommends that you encrypt sensitive information to protect it from being viewed by unintended recipients. AMI can exchange emails with you using encryption. AMI highly suggests that you encrypt and decrypt email communications between AMI and yourself using an email client that supports encryption.

It is good security practice that you only trust validated encryption keys. Do not trust encryption keys that have not been validated. It is important to also validate your copy of the AMI public encryption key to ensure it is legitimate.

AMI Security Team Key Information

  • User-ID: AMI Security Response Team <[email protected]>
  • Created: 5/4/2020 11:55 PM
  • Expires: 5/4/2022 12:00 PM
  • Type: 2048-bit RSA (secret key available)
  • Usage: Signing, Encryption, Certifying User-IDs
  • Fingerprint: 722A1587CC00427D1FB3559BABF5DCF6288ADE74

Please note that this encryption key is for both the MegaRAC and BIOS security. However, please use the AMI Security Team Key Information as provided above.

Report Issue

If you choose to use the form below, please include a brief explanation of the security issue. Please do not describe details as requested in the text above.

Connect Partner Develop Power on Manage Be Secure with AMI