Researchers have identified serious security vulnerabilities in Dell's ControlVault3 firmware that pose a risk for over 100 laptop models using Broadcom chips. Known as ReVault, these flaws allow attackers to potentially bypass Windows login, extract sensitive cryptographic keys, and maintain system access even after operating system reinstallation. The vulnerabilities enable privilege escalation, authentication bypass, and persistence on compromised devices. Hardware-based ControlVault solutions are utilized in industries that necessitate advanced security, such as those employing smart card and NFC login methods. Currently, no exploitation of these vulnerabilities has been detected in the wild.
Cybersecurity researchers have uncovered multiple security flaws in Dell's ControlVault3 firmware that could allow attackers to bypass Windows login, extract cryptographic keys, and maintain access to systems even after an operating system reinstall.
The vulnerabilities, named ReVault, affect over 100 models of Dell laptops using Broadcom BCM5820X chips and enable a range of malicious activities without detection.
Collection
[
|
...
]