Black Hat USA 2025 | ReVault! Compromised by Your Secure SoC
Why It Matters
Compromising the ControlVault chip undermines the hardware-backed authentication (fingerprint, smart card, NFC) that enterprise laptops rely on, and a compromised chip can be turned into a foothold for full system takeover.
Key Takeaways
- Dell ControlVault chips shipped with firmware vulnerabilities (unpatched at the time of the research) across more than 100 laptop models.
- Broadcom's host-side services lack ASLR, leaving memory-corruption bugs in them straightforward to exploit.
- The researchers decrypted the encrypted application firmware by abusing the insecure upgrade process and hard-coded keys.
- The CV command interface leaks heap addresses; combined with an arbitrary free, this yields code execution on the chip.
- Millions of business laptops are exposed to full compromise through the Secure Hub.
Summary
At Black Hat USA 2025, Cisco Talos senior researcher Philippe Laulheret presented his findings on Dell's ControlVault system on chip (SoC) and how it can be compromised.
Laulheret showed that the Broadcom-based BCM58202 chip, used in over 100 Dell Latitude and Precision models, contains multiple firmware bugs. The critical issues are missing ASLR in Broadcom's host services, weak secure-boot checks, and an upgrade routine that relies on hard-coded keys, which together allow the encrypted application firmware to be decrypted.
A short Python script is enough to open a CV session, leak heap pointers and issue any of the roughly 150 undocumented CV commands. By replaying the three-step upgrade (upgrade start, update, upgrade complete) the team extracted the firmware, identified a heap-address leak in the CV open command, and demonstrated an arbitrary free that leads to code execution on the chip.
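The two handler bugs named above, a session-open reply that discloses a heap address and a command that frees whatever pointer the caller hands back, are easier to reason about next to a hardened equivalent. The C below is an added illustration written for this page, not ControlVault, Broadcom or Talos code: the session structure, the token layout, the function names and the magic value are assumptions, and the real CV wire protocol is not modelled.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Constructed model (not ControlVault or Broadcom code) of the two handler
 * bugs the talk summary describes: a session-open reply that hands the client
 * a heap address, and a close command that frees whatever the client sends
 * back. The hardened version returns opaque tokens and validates them.
 */

#define MAX_SESSIONS 8

struct cv_session {
    uint32_t id;
    uint8_t  state;
    uint8_t  buf[64];
};

/* ---- vulnerable pattern ---------------------------------------------- */

/* The session token is the heap pointer itself: every open leaks an address. */
uint64_t vuln_open(void)
{
    struct cv_session *s = calloc(1, sizeof *s);
    if (!s)
        return 0;
    s->id = 0xC0FFEE;                 /* assumed marker value */
    s->state = 1;
    return (uint64_t)(uintptr_t)s;
}

/* Shows why the leak matters: the token dereferences straight to the object. */
int vuln_token_is_address(uint64_t token)
{
    const struct cv_session *s = (const struct cv_session *)(uintptr_t)token;
    return s != NULL && s->id == 0xC0FFEE;
}

/* Frees whatever the client supplies: an arbitrary free if the value is forged. */
void vuln_close(uint64_t token)
{
    free((void *)(uintptr_t)token);
}

/* ---- hardened pattern ------------------------------------------------ */

static struct cv_session *g_slots[MAX_SESSIONS];
static uint32_t g_generation[MAX_SESSIONS];

/* Token layout (assumed): slot index in the low 8 bits, per-slot generation
 * counter above it. Nothing in the token depends on the object's address. */
uint32_t safe_open(void)
{
    for (uint32_t i = 0; i < MAX_SESSIONS; i++) {
        if (g_slots[i])
            continue;
        struct cv_session *s = calloc(1, sizeof *s);
        if (!s)
            return 0;
        s->id = i;
        s->state = 1;
        g_slots[i] = s;
        g_generation[i]++;            /* starts at 1, so a valid token is never 0 */
        return (g_generation[i] << 8) | i;
    }
    return 0;                         /* table full */
}

/* Resolves a token to a live session or NULL; slot, liveness and generation
 * are all checked, so forged, stale and double-closed tokens are rejected. */
static struct cv_session *lookup(uint32_t token)
{
    uint32_t slot = token & 0xFF;
    uint32_t gen  = token >> 8;
    if (slot >= MAX_SESSIONS || !g_slots[slot] || g_generation[slot] != gen)
        return NULL;
    return g_slots[slot];
}

/* Returns 0 on success, -1 for unknown, stale or already-closed tokens. */
int safe_close(uint32_t token)
{
    struct cv_session *s = lookup(token);
    if (!s)
        return -1;
    memset(s, 0, sizeof *s);          /* scrub session state before release */
    free(s);
    g_slots[token & 0xFF] = NULL;     /* later lookups of this token now fail */
    return 0;
}

int main(void)
{
    uint64_t leaky = vuln_open();
    printf("vulnerable token is a heap address: %s\n",
           vuln_token_is_address(leaky) ? "yes" : "no");
    vuln_close(leaky);

    uint32_t tok = safe_open();
    printf("hardened token 0x%08x, close -> %d, stale close -> %d, forged close -> %d\n",
           tok, safe_close(tok), safe_close(tok), safe_close(0xFFFFFFFFu));
    return 0;
}
```

The generation counter is what makes the hardened close safe against replay: once a slot is freed and reused, the old token no longer matches, so a client cannot free a session it no longer owns. Pairing that with tokens that carry no address information removes both the information leak and the arbitrary-free primitive at the interface, rather than relying on ASLR or stack cookies to make the resulting corruption harder to exploit.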
If exploited, an attacker could gain full control of the laptop's secure enclave, bypassing fingerprint, NFC and smart-card protections. With tens of millions of business laptops at risk, Dell and Broadcom must ship firmware updates and add exploit mitigations such as ASLR and stack cookies to the host-side services.