Risky business: Dell's Latitude and Precision business PCs are widely used by enterprise organizations and professional users. Unfortunately for these customers, the systems contain serious security vulnerabilities that could be exploited to compromise highly sensitive data.
Security researchers at Cisco Talos have uncovered "ReVault," a newly identified threat affecting a vast number of Dell enterprise PCs. The attack chain consists of five distinct vulnerabilities found within a hardware-based feature powered by Broadcom's BCM5820X chip series. When combined, the flaws can enable attackers to establish a persistent presence that survives even a full Windows reinstallation.
The five vulnerabilities are tracked as CVE-2025-24311, CVE-2025-25050, CVE-2025-25215, CVE-2025-24922, and CVE-2025-24919. At the core of the problem lies not only the Broadcom chip itself but also a firmware-level security module known as ControlVault3. According to Dell, ControlVault provides a hardware-based secure enclave for storing sensitive information such as passwords and biometric data.
Over 100 Dell laptop models are believed to be affected, with the ControlVault system physically embedded via a daughterboard connected to the system's motherboard firmware. The vulnerabilities primarily impact business-class Latitude and Precision devices systems widely used in enterprise IT, government organizations, and rugged environments where cybersecurity is critical.
Researchers warn that the five vulnerabilities could have a major impact on affected devices. If exploited, they could enable attackers to establish persistent access even after a system has been compromised, potentially facilitate physical attacks in local environments, and more. Dell grouped the five flaws under a single security bulletin (DSA-2025-053), classifying the issue as critical and releasing updated drivers and firmware to mitigate the risk.
The company said affected customers were notified in June, and that it has since worked with the firmware vendor to address the flaws under its Vulnerability Response Policy. Cisco Talos researchers confirmed that the vulnerable Broadcom chip is used exclusively in Dell laptops. So far, no in-the-wild attacks targeting these specific vulnerabilities have been observed.
The researchers emphasized that ReVault underscores the need to thoroughly vet all components when evaluating a device's security, not just the operating system and software. Flaws in widely used firmware like Dell's ControlVault can have serious consequences for organizations, even those relying on biometric-based authentication.
