Key Takeaways:
- Over 100 Dell laptop models are affected by critical Broadcom chip vulnerabilities.
- The flaws, known as “ReVault,” could allow remote or physical attacks.
- Dell has released security patches and issued urgent mitigation advice.
Cybersecurity experts have disclosed a critical vulnerability in Broadcom chips found in over 100 Dell computer models, putting millions of users at risk. These flaws could enable hackers to hijack devices, steal passwords, and access sensitive data.
According to Cisco Talos researchers, the five security vulnerabilities (tracked as CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, CVE-2025-24919) affect more than 100 Dell laptop models. These flaws, collectively referred to as “ReVault,” affect the ControlVault3 firmware and its associated Windows APIs.
Dell ControlVault is a hardware-based security solution that securely stores and processes sensitive authentication data, such as passwords and biometrics, separate from the main operating system. This isolation helps protect against malware and unauthorized access to enhance overall system security. ControlVault is primarily used by organizations and individuals that require high levels of security for sensitive data and authentication processes.
“These findings highlight the importance of evaluating the security posture of all hardware components within your devices, not just the operating system or software,” explained Cisco Talos senior vulnerability researcher Philippe Laulheret. “As Talos demonstrated, vulnerabilities in widely-used firmware such as Dell ControlVault can have far-reaching implications, potentially compromising even advanced security features like biometric authentication.”
How could attackers exploit the Dell ControlVault3 vulnerabilities?
These vulnerabilities could be exploited to take full control of a user’s device, steal passwords, and gain unauthorized access to sensitive information. The Talos researcher has detailed a couple of attack scenarios.
Attackers could exploit the Broadcom chip vulnerabilities remotely through Windows APIs, which allows even non-admin users to gain elevated privileges and potentially take full control of the device. Moreover, someone with physical access to a laptop could use a USB device to exploit the flaw and install persistent malware, even without logging into the system.
Dell has released security updates to address the vulnerabilities on affected systems. The company advises customers to apply these patches immediately and disable unused services. It’s also recommended to disable fingerprint login in situations with a risk of any unauthorized user physically compromising the device.
