Critical Security Flaws in Broadcom Chips: A Call to Action for Dell Users

Recent findings from Cisco Talos have unveiled alarming vulnerabilities in Broadcom chips that power over 100 models of Dell computers. These security flaws could potentially allow attackers to take control of tens of millions of devices, steal sensitive information, and even access biometric data such as fingerprints. The vulnerabilities, identified as CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, and CVE-2025-24919, are embedded in the Broadcom BCM5820X series chips, primarily found in Dell’s Latitude and Precision series equipped with ControlVault3 technology.

Understanding ControlVault3 and Its Importance

ControlVault3 serves as a hardware-based secure enclave designed to safeguard sensitive information, including passwords, biometrics, and security codes. This technology is particularly crucial for industries that require heightened security measures, such as cybersecurity firms and government agencies. The presence of ControlVault3 in these devices underscores their importance in maintaining secure environments, especially when logging in through smartcards or NFC.

The Vulnerabilities: A Closer Look

The five identified vulnerabilities present a significant risk. According to Talos, these flaws could be exploited by low-privilege users to fully compromise the chip, allowing them to steal critical secrets and gain persistent access to the device’s application firmware. For instance, CVE-2025-24919 is an unsafe-deserialization vulnerability affecting ControlVault’s Windows APIs. This flaw enables a non-administrative user to trigger arbitrary code execution on the firmware, potentially leaking key materials essential for device security.

Attack Scenarios

Talos has outlined several potential attack scenarios that illustrate the severity of these vulnerabilities. In one scenario, an attacker could implant a backdoor in the ControlVault firmware, allowing them to maintain undetected access to the compromised machine. This kind of exploitation is particularly concerning, as it could occur without the user’s knowledge.

Another scenario involves a local attacker with physical access to a vulnerable laptop. If a user leaves their device unattended, an attacker could physically access the USH board via USB with a custom connector, compromising the machine without needing to log in or use a full-disk encryption password. This highlights the importance of physical security, as chassis-intrusion detection features only work if they are enabled beforehand.

Implications for Users

The implications of these vulnerabilities are far-reaching. Sensitive industries that rely on Dell’s Latitude and Precision series laptops must take immediate action to secure their devices. The potential for unauthorized access to biometric data, such as fingerprints, raises serious concerns about user privacy and data security.

Dell has acknowledged the vulnerabilities and notified customers about updates to address these issues. A spokesperson emphasized the importance of applying security updates promptly and moving to supported versions of their products to ensure ongoing security.

Recommendations for Mitigation

To mitigate the risks associated with these vulnerabilities, Talos recommends several best practices:

1. Disable Fingerprint Login: In high-risk environments, such as hotels, users should consider disabling fingerprint login to prevent unauthorized access.

2. Keep Systems Updated: Regularly check for and apply firmware updates. While CV firmware can be auto-deployed via Windows Update, Dell typically releases firmware updates a few weeks in advance.

3. Enhance Physical Security: Users should be vigilant about the physical security of their devices, especially in public or shared spaces.

4. Monitor for Updates: Stay informed about security advisories and updates from Dell, as well as any new findings from cybersecurity researchers.

Conclusion

The discovery of these critical vulnerabilities in Broadcom chips used in Dell computers serves as a stark reminder of the importance of cybersecurity in today’s digital landscape. With tens of millions of devices potentially at risk, it is imperative for users to take proactive measures to secure their systems. By staying informed and applying necessary updates, users can help protect their sensitive information and maintain the integrity of their devices.