'ReVault' Flaws in Dell Security Firmware Threaten Over 100 Laptop Models - ID Tech

Cisco Talos security researchers have discovered five critical vulnerabilities, dubbed "ReVault," in Dell's ControlVault3 firmware affecting over 100 Latitude and Precision laptop models.

The flaws target the Broadcom BCM5820X secure processor that stores sensitive authentication data like passwords and biometric templates in hardware-isolated environments. These vulnerabilities could allow attackers to bypass Windows login protections, access sensitive data, and maintain persistent control over systems even after complete operating system reinstallation. The security flaws compromise fundamental hardware-level protections in enterprise-grade Dell laptops, creating attack surfaces that traditional endpoint security solutions may not detect.

• Five specific vulnerabilities include out-of-bounds read/write conditions, buffer overflow, and unsafe deserialization issues in ControlVault's Windows APIs • Dell has released firmware updates between March-May 2025 and urges immediate installation across affected government and corporate devices • The vulnerabilities enable extraction of stored passwords, biometric data bypass, and deployment of persistent malware that survives OS reinstallation • No active exploitation confirmed, but firmware-level threats are particularly dangerous due to detection and remediation challenges