Millions of Dell PCs hit by Broadcom chip vulnerabilities, urgent firmware update released

Dell is urging users to install critical firmware and driver updates after security researchers uncovered major vulnerabilities in Broadcom chips used across millions of its PCs.

As reported by The Register, five high-severity flaws were discovered in the Broadcom BCM5820X chips, which power Dell’s ControlVault3 security subsystem. For the uninitiated, these chips power Dell Latitude and Precision laptops, particularly in enterprise settings.

While Dell first warned its customers privately on June 13, the company has publicly made the advisory available just this month. Speaking to the news outlet, a Dell spokesperson said:

Working with our firmware provider, we addressed the issues quickly and transparently disclosed the reported vulnerabilities in accordance with our Vulnerability Response Policy. Customers can review the Dell Security Advisory DSA-2025-053 for information on affected products, versions, and more.

Dell has outlined five vulnerabilities, CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, CVE-2025-24919, in an advisory updated on August 1. The company has confirmed that each vulnerability carries a CVSS score above 8.0, putting them in the “high” severity bracket.

In other words, attackers could exploit the aforementioned vulnerabilities to leak sensitive data, execute remote code, and more. Since ControlVault3 handles things like passwords, certificates, and biometrics, risks are high.

Fortunately, there are no reported cases of attackers exploiting these vulnerabilities yet. However, Dell has urged its customers to update their devices as soon as possible. The company has released firmware and driver updates for ControlVault3 through the official advisory, which we linked above.

If you use a Dell Latitude or Precision laptop, especially in an IT or enterprise setting, we recommend checking the advisory and installing the released updates.

Article feature image source: Unsplash