By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > Computing > Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models
Computing

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

News Room
Last updated: 2025/08/10 at 9:36 AM
News Room Published 10 August 2025
Share
SHARE

Aug 09, 2025Ravie LakshmananVulnerability / Hardware Security

Cybersecurity researchers have uncovered multiple security flaws in Dell’s ControlVault3 firmware and its associated Windows APIs that could have been abused by attackers to bypass Windows login, extract cryptographic keys, as well as maintain access even after a fresh operating system install by deploying undetectable malicious implants into the firmware.

The vulnerabilities have been codenamed ReVault by Cisco Talos. More than 100 models of Dell laptops running Broadcom BCM5820X series chips are affected. There is no evidence that the vulnerabilities have been exploited in the wild.

Industries that require heightened security when logging in, via smart card readers or near-field communication (NFC) readers, are likely to use ControlVault devices in their settings. ControlVault is a hardware-based security solution that offers a secure way to store passwords, biometric templates, and security codes within the firmware.

Attackers can chain the vulnerabilities, which were presented at the Black Hat USA security conference, to escalate their privileges after initial access, bypass authentication controls, and maintain persistence on compromised systems that survive operating system updates or reinstallations.

Together, these vulnerabilities create a potent remote post-compromise persistence method for covert access to high-value environments. The identified vulnerabilities are as follows –

  • CVE-2025-25050 (CVSS score: 8.8) – An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality that could lead to an out-of-bounds write
  • CVE-2025-25215 (CVSS score: 8.8) – An arbitrary free vulnerability exists in the cv_close functionality that could lead to an arbitrary free
  • CVE-2025-24922 (CVSS score: 8.8) – A stack-based buffer overflow vulnerability exists in the securebio_identify functionality that could lead to arbitrary code execution
  • CVE-2025-24311 (CVSS score: 8.4) – An out-of-bounds read vulnerability exists in the cv_send_blockdata functionality that could lead to an information leak
  • CVE-2025-24919 (CVSS score: 8.1) – A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality that could lead to arbitrary code execution
Identity Security Risk Assessment

The cybersecurity company also pointed out that a local attacker with physical access to a user’s laptop could pry it open and access the Unified Security Hub (USH) board, allowing an attacker to exploit any of the five vulnerabilities without having to log in or possess a full-disk encryption password.

“The ReVault attack can be used as a post-compromise persistence technique that can remain even across Windows reinstalls,” Cisco Talos researcher Philippe Laulheret said. “The ReVault attack can also be used as a physical compromise to bypass Windows Login and/or for any local user to gain Admin/System privileges.”

To mitigate the risk posed by these flaws, users are advised to apply the fixes provided by Dell; disable ControlVault services if peripherals like fingerprint readers, smart card readers, and near-field communication (NFC) readers are not being used; and turn off fingerprint login in high risk situations.

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article Watch Community Shield Soccer: Livestream Liverpool vs. Crystal Palace From Anywhere
Next Article The Sony Bravia 10 is the TV I’m most excited to see in 2026 — and it could make OLEDs look obsolete
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

Community Shield LIVE RESULT: Crystal Palace beat Liverpool on PENALTIES
News
Screen protector leak compares iPhone 17 Air screen to other models
News
How to Watch Borussia Dortmund vs. Juventus From Anywhere for Free: Stream Preseason Friendly Soccer
News
Law Professor: Let Bereaved Families Delete Data To Stop AI ‘Digital Resurrection’
News

You Might also Like

Computing

Week in Review: Most popular stories on GeekWire for the week of Aug. 3, 2025

3 Min Read
Computing

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

7 Min Read
Computing

Debian 14 Eyes LoongArch CPU Support

2 Min Read
Computing

3 Ways to Easily Visualize Keras Machine Learning Models | HackerNoon

11 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?