IEI logo
Search
繁體中文
Choose your language

IEI Security Advisories

Protection. Security. Transparency.

RECENT SECURITY ADVISORIES

Proactive Cybersecurity: Safeguarding Edge Computing from Emerging Threats

As Edge AI adoption accelerates, cybersecurity threats are on the rise. At IEI, we take a proactive approach to securing our products against vulnerabilities. The IEI Product Security Incident Response Team (PSIRT) is dedicated to identifying, assessing, and mitigating security risks, ensuring that your edge deployments remain protected.
To further reinforce our cybersecurity commitment, IEI officially joined the FIRST (Forum of Incident Response and Security Teams) in 2024. As a globally recognized cybersecurity organization, FIRST connects IEI with leading security experts and incident response teams worldwide, enhancing our ability to share threat intelligence, adopt best practices, and respond to emerging threats effectively. This membership strengthens IEI's cybersecurity framework, ensuring our customers benefit from more robust and resilient security measures.

FIRST Logo

For announcements prior to 2026, please refer to the old version of the announcements.

Security Advisories

Loading security bulletins...

Vulnerability Disclosure Policy

The Vulnerability Disclosure Policy provides a framework for reporting potential vulnerabilities to the IEI Security Bounty Program, including our PGP public key and points of contact.

IEI Security Bounty Program

The IEI Security Bounty Program is a collaboration between IEI and the research community. IEI believes that partnering with security researchers and promoting security research is essential to enhancing the security of IEI products. We encourage security researchers to collaborate with us in identifying, mitigating, and responsibly disclosing potential security vulnerabilities. We look forward to working with you! Refer to the IEI Security Bounty Program for more details.

Official recognition for valid reports

Direct Report

We encourage developers and power users to report any potential or confirmed security vulnerabilities of IEI products to the Security Response Team. Please use the below PGP encryption public key to encrypt your email message, and send it to security@ieiworld.com

Use PGP Key for Encryption
Public Key 
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZmkXHhYJKwYBBAHaRw8BAQdAsiTmXpuCcNDoEqkLOGnmtYuF5+FV/UG4ZLLnlO/ZU5G0MElFSSBWdWxuZXJhYmlsaXR5IFJlcG9ydCA8c2VjdXJpdHlAaWVpd29ybGQuY29tPoiZBBMWCgBBFiEELz8P+ZLsc+1rdF+P/A0Nb+MwikMFAmZpFx4CGwMFCQWjmoAFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQ/A0Nb+MwikNbJQEA3NaOmFggi+7iPHtw3RfZrWHKoLKDRKJxc9PBfgQURe8A/Ru6/mVdOhx89Hf5nhgyvFrZYeteEgBOG2i8hnzmWw8IuDgEZmkXHhIKKwYBBAGXVQEFAQEHQMUrdn2f67uBPNqvZZ9Up5FCMZ5y3pxLBhSlZRTvuu8jAwEIB4h+BBgWCgAmFiEELz8P+ZLsc+1rdF+P/A0Nb+MwikMFAmZpFx4CGwwFCQWjmoAACgkQ/A0Nb+MwikPTMwEA8tr2PvTi1/rL3rX1Pjun3byR3eEg7/mT+07UGsjWP34A/jCZQtDM9MCmwpEiAuewDtFLYvrsAHKkPqCGTFAoUp8G=f5DV
-----END PGP PUBLIC KEY BLOCK-----

Security Incident Response Process

IEI currently utilizes the Common Vulnerability Scoring System (CVSS) version 3.x to assess security severity. The IEI Product Security Incident Response Team (PSIRT) serves as the central point for reporting potential security issues related to IEI products. IEI PSIRT collaborates with the broader security ecosystem, including security researchers, industry peers, customers, and vendors, to identify and address potential threats. Working closely with various teams within IEI, the PSIRT team holds weekly meetings and follows a structured high-level process to ensure effective incident response and security management.

Stage 1: Triage

Review the submitted information, validate the issues during the IEI PSIRT weekly meetings, assign a ticket ID, and identify the appropriate engineering team(s).

Stage 2: Investigation

IEI PSIRT collaborates closely with the product development team to pinpoint the root cause of the vulnerability and assess its severity and impact on IEI products.

Stage 3: Remediation

If remediation is required, works with vendors and product development team to define approach and plans.

Stage 4: Disclosure

Appropriate notification will be provided to affected customers and/or published in the Security Advisory section of our website regarding the product cybersecurity vulnerability.

Vulnerability Disclosure Policy

Our priority is to ensure timely security fixes and clear disclosure.

Security Bounty Program

IEI's Security Bounty Program rewards security researchers for reporting vulnerabilities in IEI software systems and IEI official website.