Dell ControlVault3 firmware flaws can allow attackers to bypass Windows login and install malware that survives system reinstalls.
Dell ControlVault is a hardware-based security solution that stores passwords, biometric data and security codes on a dedicated daughterboard known as the Unified Security Hub (USH).
Five vulnerabilities, collectively dubbed "ReVault" and reported by Cisco's Talos security division, affect both the ControlVault3 firmware and its Windows Application Programming Interface (API) on Dell's business-focused Latitude and Precision laptop series.
These devices are popular in cyber security, government and industrial environments, where smart cards, fingerprints and NFC are also commonly used for authentication.
The flaws include two out-of-bounds vulnerabilities (CVE-2025-24311, CVE-2025-25050), an arbitrary free vulnerability (CVE-2025-25215), a stack overflow (CVE-2025-24922) and an unsafe deserialization vulnerability (CVE-2025-24919).
Dell issued security updates addressing the ReVault flaws in the ControlVault3 driver and firmware between March and May. The full list of affected models is available in Dell's security advisory.
Windows login bypass and privilege escalation
Chaining these vulnerabilities may allow attackers to obtain arbitrary code execution on the firmware, potentially planting persistent implants that survive a Windows reinstallation.
They can also leverage physical access to bypass Windows login or escalate local user privileges to administrator level.
"A local attacker with physical access to a user's laptop can open it and reach the USH board over USB with a custom connector directly," Cisco Talos said.
"From there, all the weaknesses described earlier become in-scope for the attacker without the need for logging in to the system or knowing the full-disk encryption password."
Successful exploitation may also let attackers tamper with fingerprint authentication, forcing targeted devices to accept any fingerprint instead of only those of valid users.
Talos advises keeping systems updated through Windows Update or Dell's website, disabling unused security peripherals such as fingerprint readers, smart card readers and NFC readers, and disabling fingerprint login in high-risk conditions.
To mitigate certain physical attacks, the researchers also suggest enabling Enhanced Sign-in Security (ESS) in Windows, which can detect tampered CV firmware, and enabling chassis intrusion detection in the computer's BIOS settings to flag physical tampering.