By rssfeeds-admin 
These flaws enable attackers to establish persistent access that survives Windows reinstalls and can bypass login security through both remote and physical attack vectors.
Multiple CVEs Target ControlVault3 Security Framework
The security researchers identified five distinct vulnerabilities in Dell’s hardware-based security solution.
The firmware-level flaws include CVE-2025-24311 and CVE-2025-25050 (out-of-bounds vulnerabilities), CVE-2025-25215 (arbitrary free vulnerability), and CVE-2025-24922 (stack overflow).
Additionally, CVE-2025-24919 represents an unsafe deserialization flaw affecting ControlVault’s Windows APIs.
Dell ControlVault operates through a Unified Security Hub (USH) daughter board that manages biometric templates, passwords, and security codes within firmware.
This hardware component connects various security peripherals, including fingerprint readers, smart card readers, and NFC devices.
The affected systems span Dell’s business-oriented Latitude and Precision series, commonly deployed in cybersecurity, government, and industrial environments where enhanced security authentication is critical.
The vulnerability chain allows non-administrative users to trigger arbitrary code execution on the ControlVault firmware through Windows APIs.
This capability enables attackers to extract key material and permanently modify firmware, creating persistent implants that remain undetected across system reinstalls and full disk encryption deployments.
Physical and Remote Attack
The ReVault attack presents two primary threat vectors.
In post-compromise scenarios, attackers can leverage the unsafe deserialization bug (CVE-2025-24919) to establish firmware-level persistence, effectively creating a covert channel back into compromised systems.
The tampered firmware can subsequently exploit Windows systems even after a complete OS reinstallation.
Physical attacks present equally concerning risks.
Attackers with laptop access can directly interface with the USH board via USB using custom connectors, bypassing Windows login requirements and full-disk encryption protections.
Perhaps most critically, compromised ControlVault firmware can be modified to accept any fingerprint input, completely undermining biometric authentication security.
Dell has released patches through DSA-2025-053, with firmware updates available via Windows Update and Dell’s support website.
Organizations should immediately update affected systems, consider disabling unused security peripherals, and enable chassis intrusion detection where available.
Enhanced Sign-in Security (ESS) features may provide additional protection against physical tampering attempts.
These discoveries underscore the expanding attack surface presented by hardware security components and highlight the critical importance of comprehensive firmware security assessments alongside traditional software vulnerability management programs.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates
The post Critical Broadcom Chip Flaws in Dell PCs Let Attackers Steal Passwords, Take Control appeared first on Cyber Security News.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.