Dell Control Vault firmware ReVault undocumented-command security flaw
Vulnerability
Summary
Hide ▲
Show ▼
Researchers disclosed ReVault, a Control Vault firmware flaw affecting millions of Dell Latitude and Precision laptops that can enable code execution and fingerprint-bypass access. The bug matters because it lets a local user reach the embedded security board through undocumented commands and target a trusted peripheral-management component. Dell and Broadcom have already released patches, reducing exposure for systems that install the updates.
Related Happenings
Windows Agere Modem driver active zero-day (CVE-2025-24990)
Vulnerability
First: 15.10.2025 01:57
Last: 15.10.2025 01:57
Sources 1
About this happening:
**CVE-2025-24990** is an **actively exploited zero-day** in the **Agere Modem** driver bundled with **Windows** for years, and Microsoft responded by **removing the vulnerable dri...
Windows Agere Modem driver active zero-day (CVE-2025-24990)
VulnerabilityAbout this happening: **CVE-2025-24990** is an **actively exploited zero-day** in the **Agere Modem** driver bundled with **Windows** for years, and Microsoft responded by **removing the vulnerable dri...
Microsoft Defender for Endpoint logic bug triggers false Dell BIOS outdated alerts
Security Tool/Service
First: 02.10.2025 17:20
Last: 02.10.2025 17:20
Sources 1
About this happening:
**Microsoft Defender for Endpoint** is being fixed after a **logic bug** caused false **outdated BIOS** alerts on **Dell devices**, creating unnecessary update prompts across affe...
Microsoft Defender for Endpoint logic bug triggers false Dell BIOS outdated alerts
Security Tool/ServiceAbout this happening: **Microsoft Defender for Endpoint** is being fixed after a **logic bug** caused false **outdated BIOS** alerts on **Dell devices**, creating unnecessary update prompts across affe...
WireTap memory-bus interposer analysis breaks Intel SGX attestation on DDR4 systems
Technical Analysis
First: 01.10.2025 20:20
Last: 01.10.2025 20:20
Sources 1
About this happening:
Researchers demonstrated **WireTap**, a **memory-bus interposer** attack that can extract **Intel SGX attestation keys** on **DDR4 systems**, undermining enclave confidentiality a...
WireTap memory-bus interposer analysis breaks Intel SGX attestation on DDR4 systems
Technical AnalysisAbout this happening: Researchers demonstrated **WireTap**, a **memory-bus interposer** attack that can extract **Intel SGX attestation keys** on **DDR4 systems**, undermining enclave confidentiality a...
CERT-FR Apple spyware notification mitigation advisory
Advisory/Mitigation
First: 12.09.2025 22:28
Last: 12.09.2025 22:28
Sources 1
About this happening:
**CERT-FR** warned that **Apple spyware notifications** can mean devices linked to an **iCloud account** were targeted and potentially compromised. The agency said the threat can...
CERT-FR Apple spyware notification mitigation advisory
Advisory/MitigationAbout this happening: **CERT-FR** warned that **Apple spyware notifications** can mean devices linked to an **iCloud account** were targeted and potentially compromised. The agency said the threat can...
Timeline
-
19.08.2025 23:54 1 articles · 9mo ago
ReVault firmware flaw and Dell patching
Technical Analysis UpdateResearchers disclosed ReVault in Dell Control Vault firmware affecting millions of Dell Latitude and Precision laptops. The flaw lets a user on the machine send undocumented commands to the Control Vault board, enabling code execution, secret-key extraction, permanent firmware modification, and fingerprint-authentication bypass, while Dell and Broadcom released fixes through Windows updates and Dell's automatic update system.
Show sources
- Agentic AI, Apple Intelligence, EV Chargers: Everyday Cybersecurity Peril Abounds for Businesses — www.darkreading.com — 19.08.2025 23:54