CVE-2025-31361

A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to privilege escalation. An attacker can issue a...

CVE-2025-36553

A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to memory corruption. An attacker can issue an api call to trigger this vulnerability...

CVE-2025-31649 Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability

A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to execute priviledged operation. An attacker can issue an api call...

CVE-2025-36462 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

PT-2025-47228

Name of the Vulnerable Software and Affected Versions Dell ControlVault3 versions prior to 5.15.14.19 Dell ControlVault3 Plus versions prior to 6.2.36.47 Description The software contains out-of-bounds read and write issues within the ControlVault WBDI Driver Broadcom Storage Adapter functionalit...

Dell ControlVault3 CvManager_SBI buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2188 Dell ControlVault3 CvManagerSBI buffer overflow vulnerability November 17, 2025 CVE Number CVE-2025-32089 SUMMARY A buffer overflow vulnerability exists in the CvManagerSBI functionality of Dell ControlVault3 5.14.3.0 and 5.15.10.14, A31. A specially...

Dell ControlVault3和Dell ControlVault3 Plus 安全漏洞

Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions from Dell USA. A security vulnerability exists in Dell ControlVault3 versions prior to 5.15.14.19 and Dell ControlVault3 Plus versions prior to 6.2.36.47, which stems from a hard-coded password vulnerability...

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Cybersecurity researchers have uncovered multiple security flaws in Dell's ControlVault3 firmware and its associated Windows APIs that could have been abused by attackers to bypass Windows login, extract cryptographic keys, as well as maintain access even after a fresh operating system install by...

Dell ControlVault3和Dell ControlVault3 Plus 缓冲区错误漏洞

Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions from Dell USA. A buffer error vulnerability exists in Dell ControlVault3 versions prior to 5.15.10.14 and Dell ControlVault3 Plus versions prior to 6.2.26.36, which stems from an out-of-bounds read in the...