Millions of Dell laptops at risk due to Broadcom chip security flaw - here's how you can stay safe

News
By published

Tens of millions of Dell devices are at risk, so patch now

Secure online access with password and login page to manage personal profile account. Secured connection and data security on internet. Cybersecurity and sign in form. User working on laptop computer.
(Image credit: Shutterstock)
  • Critical security vulnerabilities have been identified in Broadcom chips
  • These flaws leave Dell devices containing the chips at risk
  • The resulting attack has been dubbed 'ReVault', and users should patch now

A host of critical security flaws in Broadcom chips could mean tens of millions of Dell laptops and other devices are at risk of possible attack.

The serious vulnerabilities have been found in over 100 models of Dell laptops with Broadcom chips, Cisco Talos has revealed, and are therefore at risk of an attack the researchers dubbed ‘ReVault’.

A ReVault attack could be used ‘as a physical compromise to bypass Windows Login and/or for any local user to gain Admin/System privileges’, allowing a hacker to steal sensitive information and credentials, as well as biometric data like fingerprint information.

Dell laptops at risk

These flaws could have a ‘significant’ impact on victims, and Cisco Talos reports two primary attack scenarios; a physical attack, and a post-compromise pivot.

As the name suggests, the physical attack refers to a local attacker with access to the victim’s device gaining direct access to the USH board over USB with a custom connector.

From there, the vulnerabilities become ‘in-scope for the attacker without requiring the ability to log-in into the system or knowing a full-disk encryption password’. If a system is configured to be unlocked with biometric data, it could be possible to adjust the CV firmware to allow any fingerprint rather than just legitimate users.

In a post-compromise pivot, users without administrative privileges can use the CV firmware to trigger Arbitrary Code Execution, and potentially leak ‘key material essential to the security of the device’ and then gain the ability to modify the firmware permanently.

Dell confirmed that customers have been notified about available updates that address the vulnerabilities; “Working with our firmware provider, we addressed the issues quickly and transparently disclosed the reported vulnerabilities in accordance with our Vulnerability Response Policy.”

“Customers can review the Dell Security Advisory DSA-2025-053 for information on affected products, versions, and more. As always, it is important that customers promptly apply security updates that we make available and move to supported versions of our products to ensure their systems remain secure.”

It’s not yet clear if these vulnerabilities have been exploited in the wild, but users are of course advised to patch urgently to address them, as well as to regularly rotate passwords and use MFA where possible.

You might also like

TOPICS
Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.