“`html
Dell Laptops Face Serious Security Risks
Table of Contents
Dell laptop security compromised by ReVault flaws, impacting enterprise models.
- Over 100 Dell laptop models are at risk from five critical vulnerabilities.
- Flaws allow persistent access, bypass of Windows login, and privilege escalation.
- Vulnerabilities impact the ControlVault3 hardware solution used in sensitive industries.
- A spring onion was famously used to demonstrate a physical bypass of fingerprint login.
- Dell released updates on June 13 to address these issues.
The ReVault vulnerabilities center on Dell’s ControlVault3 hardware solution, which manages sensitive data like passwords and biometric templates within the device’s firmware. This component,referred to as a Unified Security Hub (USH),connects to peripherals like fingerprint readers and NFC devices. phillipe Laulheret, a senior vulnerability researcher at Cisco talos, highlighted the potential danger of these flaws, noting that the affected laptop models are widely used in cybersecurity, government, and other high-security environments.
The five disclosed CVEs are CVE-2025-24311 and CVE-2025-25050 (both out-of-bounds flaws), CVE-2025-25215 (arbitrary free vulnerability), CVE-2025-24922 (stack overflow bug), and CVE-2025-24919 (unsafe deserialization flaw affecting Windows APIs).
Exploitation Scenarios and a Surprising Culprit
Researchers detailed how an attacker with limited privileges could exploit the ControlVault firmware via its APIs to execute arbitrary code. This could lead to the theft of key material,allowing permanent modification of the firmware for undetected persistence and further damage. In another scenario, a local attacker with physical access could directly connect to the USH via USB, bypassing the need for system login or full-disk encryption passwords to exploit the remaining four vulnerabilities.
In a striking presentation, a video showed a spring onion being used to unlock a vulnerable laptop after its fingerprint authentication firmware was tampered with, allowing any input, even non-human ones, to be accepted.
Mitigation and detection Advice
While the spring onion demonstration provided an amusing highlight, Cisco Talos stressed the serious implications of the ReVault flaws, emphasizing the need to secure hardware components often overlooked compared to software vulnerabilities. Organizations are strongly advised to install the latest firmware updates, available through Windows Update or directly from Dell. For those not using security peripherals, disabling ControlVault services via Service Manager or Device Manager is recommended.
To counter the specific risk of bypassing fingerprint authentication, security teams might consider disabling fingerprint-based logins or enabling Windows Enhanced Sign-in Security (ESS). For detection, system administrators can look
