Subj : Millions of Dell laptops at risk due to Broadcom chip security fl To : All From : TechnologyDaily Date : Wed Aug 06 2025 12:45:08 Millions of Dell laptops at risk due to Broadcom chip security flaw - here's how you can stay safe Date: Wed, 06 Aug 2025 11:31:00 +0000 Description: Critical flaws put millions of Dell devices taken over - users told to patch now. FULL STORY ======================================================================Critical security vulnerabilities have been identified in Broadcom chips These flaws leave Dell devices containing the chips at risk The resulting attack has been dubbed 'ReVault', and users should patch now A host of critical security flaws in Broadcom chips could mean tens of millions of Dell laptops and other devices are at risk of possible attack. The serious vulnerabilities have been found in over 100 models of Dell laptops with Broadcom chips, Cisco Talos has revealed , and are therefore at risk of an attack the researchers dubbed ReVault. A ReVault attack could be used as a physical compromise to bypass Windows Login and/or for any local user to gain Admin/System privileges, allowing a hacker to steal sensitive information and credentials, as well as biometric data like fingerprint information. Dell laptops at risk These flaws could have a significant impact on victims, and Cisco Talos reports two primary attack scenarios; a physical attack, and a post-compromise pivot. As the name suggests, the physical attack refers to a local attacker with access to the victims device gaining direct access to the USH board over USB with a custom connector. From there, the vulnerabilities become in-scope for the attacker without requiring the ability to log-in into the system or knowing a full-disk encryption password. If a system is configured to be unlocked with biometric data, it could be possible to adjust the CV firmware to allow any fingerprint rather than just legitimate users. In a post-compromise pivot, users without administrative privileges can use the CV firmware to trigger Arbitrary Code Execution, and potentially leak key material essential to the security of the device and then gain the ability to modify the firmware permanently. Dell confirmed that customers have been notified about available updates that address the vulnerabilities; Working with our firmware provider, we addressed the issues quickly and transparently disclosed the reported vulnerabilities in accordance with our Vulnerability Response Policy. Customers can review the Dell Security Advisory DSA-2025-053 for information on affected products, versions, and more. As always, it is important that customers promptly apply security updates that we make available and move to supported versions of our products to ensure their systems remain secure. Its not yet clear if these vulnerabilities have been exploited in the wild, but users are of course advised to patch urgently to address them, as well as to regularly rotate passwords and use MFA where possible. You might also like Take a look at our picks for the best malware removal software around Check out our choice for best antivirus software SonicWall VPNs are being targeted by a new zero-day in ransomware attacks ====================================================================== Link to news story: https://www.techradar.com/pro/security/millions-of-dell-laptops-at-risk-due-to -broadcom-chip-security-flaw-heres-how-you-can-stay-safe --- Mystic BBS v1.12 A49 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .