Cybersecurity researchers have uncovered serious vulnerabilities in several Dell business laptop models. These flaws allow malicious actors to bypass password protection, obtain administrator rights, and maintain control of the system even after the operating system is reinstalled. The vulnerabilities, collectively called ReVault, specifically target the ControlVault3 and ControlVault3+ firmware.
ControlVault is a critical hardware security module that securely stores sensitive data, including passwords, fingerprint data, and security codes. Dell utilizes this module in its Latitude, Precision, and Rugged series laptops, which are often deployed in government agencies and large corporations.
**Affected Dell Laptop Models:**
Over 100 Dell laptop models are susceptible to this security flaw. Some of the most notable models include:
**Latitude Series:** 5440, 5500, 5520, 5530, 5540, 5550, 7030 Rugged Extreme, 7200 2-in-1, 7330, 7400, 7430, 7450, 7520, 7640, 9330, 9410, 9440 2-in-1, 9450, 9510 2-in-1, 9520, Rugged 7220EX, and more.
**Precision Series:** 3470, 3550, 3560, 3570, 3580, 3590, 5470, 5490, 7540, 7560, 7670, and more. Dell business series laptop owners should immediately check for and install available updates.
**How the Attack Works:**
Even a standard user can inject malicious code into the ControlVault using the Windows API. This malicious code can persist even after the operating system is reinstalled. Physical access to the laptop allows for bypassing authentication via direct connection to the USH board. Furthermore, the fingerprint sensor can be manipulated to accept any fingerprint.
**Steps to Protect Yourself:**
**Immediate Firmware Update:**
* ControlVault3: Upgrade to version 5.15.10.14 or higher.
* ControlVault3+: Upgrade to version 6.2.26.36 or higher.
* Download and install updates from Windows Update or the Dell support website.
**Disable Unused Security Features:**
If you don’t use fingerprint login, smart cards, or NFC, turn them off in the Windows Service Manager or Device Manager.
**Avoid Biometrics in Risky Situations:**
Disable fingerprint login when traveling and use strong passwords or PINs with Windows Enhanced Sign-In Security (ESS).
**Enable Chassis Intrusion Detection:**
* Enable this feature in your BIOS to get immediate alerts of any tampering.
* If biometric or credential services repeatedly crash, initiate a security scan immediately.
