A concerning set of vulnerabilities has been identified in specific Dell business laptop models, putting user data at risk. Cybersecurity experts discovered that hackers can exploit these flaws to circumvent password protections, gain administrative access to systems, and maintain persistent control, even after a complete operating system reinstall. The vulnerabilities, known as ReVault, specifically affect the ControlVault3 and ControlVault3+ firmware.
The ControlVault is a hardware security module crucial for the secure storage of sensitive information like passwords, fingerprints, and security codes. This module is integrated into Dell’s Latitude, Precision, and Rugged series, which are commonly used by businesses and government entities.
**Impacted Dell Laptop Models:**
More than 100 Dell laptop models are affected by this security issue. Key models include:
**Latitude Series:** 5440, 5500, 5520, 5530, 5540, 5550, 7030 Rugged Extreme, 7200 2-in-1, 7330, 7400, 7430, 7450, 7520, 7640, 9330, 9410, 9440 2-in-1, 9450, 9510 2-in-1, 9520, Rugged 7220EX.
**Precision Series:** 3470, 3550, 3560, 3570, 3580, 3590, 5470, 5490, 7540, 7560, 7670. It’s essential for Dell business series laptop users to check for and install the latest updates immediately.
**Attack Scenario:**
Even a regular user can insert malicious code into ControlVault using the Windows API. This malicious code can persist through operating system reinstallation. Attackers with physical access can bypass authentication by directly connecting to the USH board. The fingerprint sensor can also be exploited to accept any fingerprint.
**Recommended Security Measures:**
**Update Firmware Immediately:**
* ControlVault3: Update to version 5.15.10.14 or newer.
* ControlVault3+: Update to version 6.2.26.36 or newer.
* Download and install updates through Windows Update or the Dell support website.
**Disable Unused Features:**
If you do not use fingerprint scanners, smart cards, or NFC, disable them in the Windows Service Manager or Device Manager.
**Avoid Biometrics in Risky Locations:**
Disable fingerprint login when traveling and opt for strong passwords or PINs with Windows Enhanced Sign-In Security (ESS).
**Enable Chassis Intrusion Detection:**
* Enable this feature in the BIOS settings to receive immediate alerts of any attempted tampering.
* Perform an immediate security scan if biometric or credential services experience repeated crashes.