Danger alert: Massive numbers of Dell computers equipped with Broadcom processors are susceptible to cyber assault
In a recent development, cybersecurity firm Cisco Talos has reported five critical security flaws in Dell's ControlVault3 hardware-based secure enclave, impacting tens of millions of Dell Latitude and Precision series business PCs. These vulnerabilities, identified as CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, and CVE-2025-24919, exist in Broadcom BCM5820X series chips.
These security flaws, if exploited, could allow attackers to execute arbitrary code, leak sensitive data including biometrics, and maintain persistent undetectable access. The vulnerabilities could potentially be used to bypass biometric authentication by tampering with firmware to accept any fingerprint.
Dell has responded promptly, notifying customers about updates to fix these bugs on June 13. The updates are available for ControlVault3 and ControlVault3 Plus drivers and firmware, with the latest recommended versions being at least 6.2.26.36 or later, depending on the model. These updates can be verified and downloaded via Dell Security Advisory DSA-2025-053.
To protect Dell computers from these vulnerabilities, Dell recommends several precautions:
- Install Dell's security patches and firmware updates: Regularly check for and apply these updates to ensure your system is secure.
- Ensure your system firmware and drivers are up to date: ControlVault3 firmware updates may also be delivered automatically via Windows Update, but it’s best to check Dell’s official site for firmware versions.
- Disable fingerprint login authentication: In environments with an elevated risk of physical compromise, such as hotel rooms or shared workspaces, it is advisable to disable fingerprint login to prevent potential attacks.
- Enable chassis intrusion detection if supported and configured beforehand: This feature can alert you to physical tampering attempts, though it must be enabled proactively.
- Follow general security best practices: Regularly check for and apply Dell updates, use strong passwords, and limit physical access to devices where possible.
It's worth noting that both Dell and Talos are not aware of any in-the-wild exploitation of the CVEs. However, prompt application of Dell’s released firmware and driver updates combined with disabling fingerprint login in risky environments and enabling physical tampering alerts are the key recommended steps to mitigate these CVEs on affected Dell systems.
For more detailed information on affected products, versions, and other aspects, customers can review the Dell Security Advisory DSA-2025-053. Philippe Laulheret, a Talos senior vulnerability researcher, will discuss the security holes and how they can be abused during a Wednesday talk at Black Hat.
- The identified security flaws in Dell's ControlVault3 hardware-based secure enclave could potentially allow attackers to execute arbitrary code, leak sensitive data, and maintain persistent undetectable access, which might include bypassing biometric authentication by tampering with firmware.
- To safeguard Dell computers from these vulnerabilities, Dell recommends installing security patches and firmware updates, ensuring system firmware and drivers are up to date, disabling fingerprint login authentication in risky environments, enabling chassis intrusion detection (if supported and configured), and following general security best practices.
- AI in cybersecurity could play a significant role in detecting and preventing potential exploitation of the identified security flaws in Dell's hardware, given the potential for these vulnerabilities to be used for malicious purposes in data-and-cloud-computing and technology-dependent environments.
- With the prompt response from Dell about the availability of updates to fix these bugs on June 13, users can verify and download the necessary updates via Dell Security Advisory DSA-2025-053, ensuring their systems are secure against these critical security flaws.
