Cisco Talos has uncovered ReVault, a set of high-severity firmware flaws affecting Dell Latitude and Precision laptops with ControlVault3/3+ security chips.

Risks include:
• Firmware-level malware implants
• Theft of passwords and biometric data
• Fingerprint authentication bypass (e.g., spoofed by objects)
• Persistence even after OS reinstall

Mitigation Steps:

• Update ControlVault3 firmware to v5.15.10.14 or later

• Update ControlVault3+ to v6.2.26.36 or later

• Download patches via Dell Support or Windows

• Update Review biometric and smartcard settings

• Restrict physical access to devices

Full advisory and affected models available at https://nccc.gov.sl/alerts_advisories/