Published by Global Banking and Finance Review
Posted on August 5, 2025
2 min readLast updated: January 22, 2026
Dell fixed a critical security flaw in millions of laptops, affecting Broadcom chips. Patches were issued, and no exploitation has been reported.
By AJ Vicens
(Reuters) -A flaw in the chips used to secure tens of millions of Dell laptops could have given attackers the ability to steal sensitive data as well as maintain access even after a fresh operating system install, researchers with Cisco Talos said Tuesday.
The previously unreported analysis, validated by Dell in a June security advisory, affected more than 100 models of Dell laptops, according to the company, and targeted a chip in the computer that stores passwords, biometric data and security codes, and installs fingerprint, smartcard and near-field communications drivers and firmware.
There is no indication that the vulnerabilities have been exploited in the wild, according to the researchers, and Dell issued patches for the devices in March, April and May, with an overall security advisory published June 13.
The vulnerabilities are specific to the Broadcom BCM5820X chip used by Dell in its ControlVault security firmware and software. The flaw affects laptop models common in the cybersecurity industry and government settings, according to Philippe Laulheret, the senior vulnerability researcher at Cisco Talos who discovered and led the analysis.
“Sensitive industries that require heightened security when logging in (via smartcard or NFC) are more likely to find ControlVault devices in their environment,” Laulheret wrote in a blog published Tuesday ahead of a presentation of the analysis at the Black Hat security conference in Las Vegas scheduled for August 6.
The findings highlight the need for more security research focused on computer hardware tasked with handling biometrics and other sensitive data, said Nick Biasini, head of outreach at Cisco Talos.
“These concepts of secure enclaves and using biometrics and these various other types of technologies are getting more and more widespread,” Biasini said. “It’s becoming commonplace on devices but it also introduces a new attack surface."
A spokesperson for Dell said in a statement that the company addressed the issues “quickly and transparently,” and directed customers to the June 13 advisory. “As always, it is important that customers promptly apply security updates that we make available and move to supported versions of our products to ensure their systems remain secure,” the spokesperson said.
Broadcom declined to comment.
(Reporting by AJ Vicens in DetroitEditing by Nick Zieminski)
The flaw affected the Broadcom BCM5820X chip used in Dell's ControlVault security firmware, potentially allowing attackers to steal sensitive data.
The vulnerability impacted more than 100 models of Dell laptops, as confirmed by the company.
According to researchers, there is no indication that the vulnerabilities were exploited in the wild before Dell issued patches.
Dell issued patches for the affected devices in March, April, and May, addressing the vulnerabilities quickly and transparently.
Nick Biasini from Cisco Talos emphasized the need for more research focused on computer hardware handling biometrics and sensitive data, as these technologies are becoming more widespread.
Explore more articles in the Headlines category
