Cybersecurity experts have discovered critical vulnerabilities in several popular Dell business laptops, allowing hackers to bypass passwords, gain administrator access, and maintain control even after reinstalling the operating system. This vulnerability set, dubbed ReVault, affects the ControlVault3 and ControlVault3+ firmware.
ControlVault is a hardware security module designed to securely store sensitive information such as passwords, fingerprint data, and security codes. This module is used in Dell’s Latitude, Precision, and Rugged series, which are widely used by government institutions and large companies.
**Affected Dell Models:**
Over 100 Dell laptop models are affected by this bug, including:
**Latitude Series:** 5440, 5500, 5520, 5530, 5540, 5550, 7030 Rugged Extreme, 7200 2-in-1, 7330, 7400, 7430, 7450, 7520, 7640, 9330, 9410, 9440 2-in-1, 9450, 9510 2-in-1, 9520, Rugged 7220EX, and more.
**Precision Series:** 3470, 3550, 3560, 3570, 3580, 3590, 5470, 5490, 7540, 7560, 7670, and more. If your Dell laptop is from the business series, it is crucial to check for updates immediately.
**How the Attack Works:**
A non-admin user can inject malicious code into ControlVault through the Windows API. Because the implant lives in the module's firmware rather than on disk, it can remain active even after the OS is reinstalled. If someone gains physical access to your laptop, they can bypass authentication by connecting directly to the USH (Unified Security Hub) board that hosts ControlVault. Furthermore, the fingerprint sensor can be forced to accept any fingerprint.
**How to Protect Yourself:**
**Update Firmware Immediately:**
* ControlVault3: Version 5.15.10.14 or higher
* ControlVault3+: Version 6.2.26.36 or higher
* Install updates from Windows Update or the Dell support website.
**Disable Unused Security Features:**
If you don’t use fingerprint, smart card, or NFC login, disable the corresponding services in the Windows Services console (services.msc) or the devices in Device Manager.
**Avoid Biometrics in Risky Locations:**
Turn off fingerprint login while traveling and use strong passwords or PINs with Windows Enhanced Sign-In Security (ESS).
**Enable Chassis Intrusion Detection:**
* Enable this feature in the BIOS to be immediately informed of any tampering.
* If biometric or credential services crash frequently, perform a security scan immediately.
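The following PowerShell script is an added example written for this article, not Dell's tooling or code from the original page. It turns the hardening steps above into a read-only audit: it compares an installed ControlVault firmware version against the minimum fixed versions stated above, lists the ControlVault device and its driver version, reports whether the fingerprint and smart-card services are disabled, and looks for unexpected terminations of those services in the System event log. The device friendly-name match, the list of service names, and the sample version string are assumptions and are marked as such in the code.

```powershell
# Added example (not from the article or Dell): read-only audit for the ReVault
# hardening steps. Run in an elevated PowerShell on the laptop being checked.
# Lines marked ASSUMPTION are not from the advisory text.

# Minimum fixed firmware versions, exactly as stated in the advisory.
$MinimumFirmware = @{
    'ControlVault3'  = [version]'5.15.10.14'
    'ControlVault3+' = [version]'6.2.26.36'
}

function Test-ControlVaultFirmware {
    param(
        [Parameter(Mandatory)][ValidateSet('ControlVault3', 'ControlVault3+')][string]$Variant,
        [Parameter(Mandatory)][string]$InstalledVersion
    )
    # Keep only the leading dotted-numeric part so a suffix such as "Rev A" does not
    # break the [version] cast; [version] then compares component by component.
    $clean = ($InstalledVersion -split '[^0-9.]')[0]
    return ([version]$clean) -ge $MinimumFirmware[$Variant]
}

function Get-ControlVaultDeviceInfo {
    # ASSUMPTION: the module appears in Device Manager with "ControlVault" in its
    # friendly name. The value shown is the Windows driver package version; the
    # firmware version itself is reported by the Dell firmware update package and
    # is what you feed to Test-ControlVaultFirmware.
    Get-PnpDevice -PresentOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.FriendlyName -like '*ControlVault*' } |
        ForEach-Object {
            $drv = Get-PnpDeviceProperty -InstanceId $_.InstanceId `
                -KeyName 'DEVPKEY_Device_DriverVersion' -ErrorAction SilentlyContinue
            [pscustomobject]@{
                FriendlyName  = $_.FriendlyName
                Status        = $_.Status
                DriverVersion = $drv.Data
            }
        }
}

# Windows services behind the fingerprint and smart-card features the article
# says to disable when unused. ASSUMPTION: standard service names; keep any your
# organisation relies on (e.g. smart-card logon).
$FeatureServices = @(
    @{ Name = 'WbioSrvc';     Feature = 'Fingerprint (Windows Biometric Service)' },
    @{ Name = 'SCardSvr';     Feature = 'Smart card' },
    @{ Name = 'ScDeviceEnum'; Feature = 'Smart card device enumeration' },
    @{ Name = 'CertPropSvc';  Feature = 'Smart card certificate propagation' }
)

function Get-FeatureServiceState {
    foreach ($svc in $FeatureServices) {
        $s = Get-Service -Name $svc.Name -ErrorAction SilentlyContinue
        if ($null -eq $s) { continue }
        [pscustomobject]@{
            Feature   = $svc.Feature
            Service   = $svc.Name
            Status    = $s.Status
            StartType = $s.StartType
            Hardened  = ($s.StartType -eq 'Disabled')
        }
    }
}

function Get-RecentCredentialServiceCrashes {
    param([int]$Days = 30)
    # Service Control Manager logs 7031/7034 when a service terminates unexpectedly.
    # The article treats frequent crashes of the biometric or credential services as
    # the cue for a full security scan, so surface them here. The event message
    # names the service by display name, so match on that.
    $displayNames = foreach ($svc in $FeatureServices) {
        $s = Get-Service -Name $svc.Name -ErrorAction SilentlyContinue
        if ($s) { [regex]::Escape($s.DisplayName) }
    }
    if (-not $displayNames) { return }
    $pattern = $displayNames -join '|'
    Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Service Control Manager'
        Id           = 7031, 7034
        StartTime    = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match $pattern } |
        Select-Object TimeCreated, Id, Message
}

# Example run. The version string below is CONSTRUCTED input; replace it with the
# version reported by the Dell firmware update package on the machine.
Write-Host '== ControlVault device =='
Get-ControlVaultDeviceInfo | Format-Table -AutoSize
Write-Host '== Firmware at or above fixed version (ControlVault3, sample input) =='
Test-ControlVaultFirmware -Variant 'ControlVault3' -InstalledVersion '5.15.10.13'
Write-Host '== Fingerprint / smart-card services =='
Get-FeatureServiceState | Format-Table -AutoSize
Write-Host '== Unexpected service terminations, last 30 days =='
Get-RecentCredentialServiceCrashes | Format-Table -AutoSize
```

The script changes nothing: disabling a service or updating firmware stays a deliberate step after reviewing the report. On a fleet, the same functions can be run through your management tooling and the `Hardened` and crash columns collected centrally.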