Article lists affected models https://arstechnica.com/security/20...mised-on-200-models-from-5-big-device-makers/
Also a report on this here https://www.bleepingcomputer.com/ne...t-bypass-lets-attackers-install-uefi-malware/
I glanced over article. It seems that keys used for testing purposes were leaked... and at the same time they are used by multiple OEM/motherboard vendors. On one hand this is each and every motherboard vendor fault. Still, the best practice, or even compliance requirement, not fulfilled by AMI is to not include credentials in product and test code repository. Then you deliver source code to customer that basically doesn't work until they generate their own keys or other credentials. At least you would reasonably suspect that each and every customer has separate key pairs by doing this.
