Overview
- Cisco Talos revealed five critical ReVault vulnerabilities in the Broadcom BCM5820X ControlVault3 module during an August 5–6 public disclosure ahead of its Black Hat presentation
- The flaws allow attackers to implant persistent backdoors in firmware, bypass Windows login, and escalate to Admin/System privileges, even after the operating system is reinstalled
- Physical attacks can succeed when a local adversary connects directly to the Unified Security Hub board over USB and manipulates fingerprint authentication to accept any input
- Dell issued firmware updates for affected models between March and May, distributing them via Windows Update and its support site; there is no evidence of in-the-wild exploitation
- For layered defense, Cisco Talos recommends disabling unused ControlVault services and biometric logins, and enabling Windows Enhanced Sign-in Security alongside BIOS chassis intrusion alerts