Millions of Dell laptops using Broadcom chips may be vulnerable to firmware flaws that allow data theft if not properly patched. The Dell ControlVault system-on-chip stores sensitive information such as passwords and biometric data, and connects peripherals through a Unified Security Hub. Cisco Talos identified five vulnerabilities, known as ReVault, affecting over 100 Dell laptop models, including multiple out-of-bounds vulnerabilities and unsafe deserialization in ControlVault's Windows APIs. These flaws can give attackers full control over devices and access to passwords and sensitive data, and can even be exploited through physical tampering.
These findings highlight the importance of evaluating the security posture of all hardware components within your devices, not just the operating system or software.
As Talos demonstrated, vulnerabilities in widely used firmware such as Dell ControlVault can have far-reaching implications, potentially compromising even advanced security features like biometric authentication.