BeyondMachines :verified:@beyondmachines1@infosec.exchange
ControlVault Vulnerabilities dubbed ReVault expose Dell business laptops to firmware-level attacks
Cisco Talos discovered five vulnerabilities collectively called "ReVault" in Dell's ControlVault3 firmware affecting over 100 business laptop models, allowing attackers to establish persistent firmware-level access that survives complete operating system reinstallation and can bypass Windows login protections.
It's very weird when the vulnerability affects the advanced security systems of a laptop, and the mitigation is to disable the advanced security systems. We recommend patching your Latitude, Precision, or Dell Pro devices, because fingerprint access is a lot better than recycled passwords. And any laptop can be hacked or will be at some point handed over to another person, for service or if it's lost/stolen.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/controlvault-vulnerabilities-dubbed-revault-expose-dell-business-laptops-to-firmware-level-attacks-s-s-3-x-l/gD2P6Ple2L