Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack

black hat Critical security flaws in Broadcom chips used in more than 100 models of Dell computers could allow attackers to take over tens of millions of users' devices, steal passwords, and access sensitive data, including fingerprint information, according to Cisco Talos.

The five vulnerabilities, CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, CVE-2025-24919, exist in Broadcom BCM5820X series chips that Cisco says are found in tens of millions of Dell business PCs with ControlVault3, primarily its Latitude and Precision series. ControlVault3 is a hardware-based secure enclave used to store sensitive info such as passwords, biometrics, and security codes in firmware.

A Dell spokesperson told The Register that it notified customers about updates to fix these bugs on June 13.

"Working with our firmware provider, we addressed the issues quickly and transparently disclosed the reported vulnerabilities in accordance with our Vulnerability Response Policy," the Dell spokesperson said. "Customers can review the Dell Security Advisory ...