285/68 Thursday, August 7, 2025
Cisco Talos has disclosed five critical security vulnerabilities in Broadcom’s BCM5820X chips, which are used in over 100 models of Dell computers – particularly in enterprise-focused devices like Dell Latitude and Precision. These systems often feature ControlVault3, a dedicated security subsystem used to store sensitive data such as passwords, fingerprint information, and security keys. The vulnerabilities – CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, and CVE-2025-24919 – could allow attackers to hijack a user’s device, exfiltrate sensitive data, and implant undetectable backdoors in the firmware.
Dell issued a customer advisory on June 13, urging users to update their firmware immediately. Although no in-the-wild exploitation has been reported so far, Philippe Laulheret, a researcher from Talos, warned that these flaws could allow low-privilege attackers to execute malicious code within the ControlVault firmware, potentially extracting critical secrets and implanting persistent backdoors. This represents a high-level threat, particularly for systems used in national security, government agencies, or industrial sectors that rely on smart card and NFC-based authentication.
The report also notes that if an attacker gains physical access to a device – for example, by opening a laptop that lacks tamper-detection mechanisms – they could use a special USB cable to interface with the USH board without needing login credentials or disk decryption passwords. Talos recommends disabling fingerprint authentication on at-risk devices and regularly updating both firmware and system software. Users are advised to consult Dell Security Advisory DSA-2025-053 and apply firmware updates directly via Windows Update or Dell’s official website.
Source https://www.theregister.com/2025/08/05/millions_of_dell_pc_with/
