Dell ControlVault3 firmware login bypass and persistence flaws (multiple vulnerabilities)
Vulnerability
Summary
Hide ▲
Show ▼
Dell ControlVault3 firmware on 100+ Dell laptop models has multiple flaws that could enable Windows login bypass, cryptographic key extraction, and firmware persistence. Dell fixes are available, and there is no evidence of in-the-wild exploitation. The issue matters because the affected hardware security component can protect credentials and biometrics used in high-security login flows.
Timeline
-
09.08.2025 21:55 1 articles · 9mo ago
Cisco Talos discloses ReVault flaws in Dell ControlVault3 firmware
Initial DisclosureCisco Talos disclosed ReVault, a set of five CVEs in Dell ControlVault3 firmware and its related Windows APIs that affect more than 100 Dell laptop models using Broadcom BCM5820X series chips. The flaws could allow Windows login bypass, cryptographic key extraction, arbitrary code execution, and persistence across operating system reinstalls, including abuse through local physical access to the Unified Security Hub (USH) board. Dell provided fixes and mitigation guidance, and there was no evidence of exploitation in the wild.
Show sources
- Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models — thehackernews.com — 09.08.2025 21:55