Millions of Dell PCs at Risk from Broadcom Vulnerability Enabling Remote Hijack

Cybersecurity researchers at Cisco Talos have discovered five critical vulnerabilities in Dell’s ControlVault3 security hardware that could affect millions of business laptops worldwide.

The flaws, collectively dubbed “ReVault,” enable attackers to remotely hijack systems and maintain persistent access even after complete Windows reinstallation.

The vulnerabilities affect more than 100 models of actively-supported Dell laptops, primarily from the business-focused Latitude and Precision series.

These systems are extensively deployed across cybersecurity companies, government agencies, and enterprises requiring enhanced security features.

The affected devices utilize Dell’s ControlVault3 and ControlVault3+ firmware, which provides hardware-based security for storing passwords, biometric templates, and security codes.

Dell ControlVault operates through a dedicated daughter board called the Unified Security Hub (USH), which manages various security peripherals including fingerprint readers, smart card readers, and NFC devices.

This hardware-based approach was designed to provide enhanced security, but the discovered vulnerabilities turn this trusted component into a potential attack ...