If you have information about a security issue or vulnerability with a product that may involve Insyde's UEFI-based firmware, use Insyde Software's SRT public PGP key (provided below) to send an encrypted e-mail and verify that security e-mails from Insyde Software are genuine. Please send e-mails to security.report@insyde.com

Please provide as much information as possible, including:

• The products and versions affected
• Detailed description of the vulnerability
• Steps to demonstrate the vulnerability or reproduce the exploit, including specific configurations or peripherals, if relevant
• Potential impact of the vulnerability, when exploited
• Information on known exploits

Thank you for reporting your findings!

-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User-ID: Insyde Software Security Report
Comment: Created: 9/1/2022 10:08 AM
Comment: Expires: 1/1/2027 12:00 PM
Comment: Type: 255-bit EdDSA (secret key available)
Comment: Usage: Signing, Encryption, Certifying User-IDs, SSH Authentication
Comment: Fingerprint: 8F09A3D2C5450556223C12119B2465EC39F45B40

mDMEYxDm9RYJKwYBBAHaRw8BAQdALO583damFI+MWLBuRxSv7Q6yu+y1zLkyjX2/
dByuuVq0PEluc3lkZSBTb2Z0d2FyZSBTZWN1cml0eSBSZXBvcnQgPHNlY3VyaXR5
LnJlcG9ydEBpbnN5ZGUuY29tPoiZBBMWCgBBFiEEjwmj0sVFBVYiPBIRmyRl7Dn0
W0AFAmMQ5vUCGyMFCQgnHssFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQ
myRl7Dn0W0DWZAEAurvMEDAa67IGxDCVfD/Z26H5bnPtC5bwx5mtmmLFXVwA/Rpl
QoahxpXEZmVEiyS7H/ZJFlKO9ZENxIHIw/vOPCwCuDgEYxDm9RIKKwYBBAGXVQEF
AQEHQGt8IwmBBGAodUZYMCx9plrcGpn/wQP4izecjyuicwN8AwEIB4h+BBgWCgAm
FiEEjwmj0sVFBVYiPBIRmyRl7Dn0W0AFAmMQ5vUCGwwFCQgnHssACgkQmyRl7Dn0
W0BdTQD/YFG0tjfbDrm/zz+tZ6Mb1ulAIbXdThpC5nFBXve/h14A/jdXkvHStRPr
Skh1h4GFJMjw3rFa3SvM+fE17evaH78I
=4ro7
-----END PGP PUBLIC KEY BLOCK-----