* Flaw affects more than 100 Dell laptop models, says Cisco Talos
* No evidence of exploitation in the wild, researchers say
* Dell issued patches in March, April, May; advisory published June 13
By AJ Vicens
Aug 5 (Reuters) - A flaw in the chips used to secure
tens of millions of Dell laptops could have given
attackers the ability to steal sensitive data as well as
maintain access even after a fresh operating system install,
researchers with Cisco Talos said Tuesday.
The previously unreported analysis, validated by Dell in a
June security advisory, affected more than 100 models of Dell
laptops, according to the company, and targeted a chip in the
computer that stores passwords, biometric data and security
codes, and installs fingerprint, smartcard and near-field
communications drivers and firmware.
There is no indication that the vulnerabilities have been
exploited in the wild, according to the researchers, and Dell
issued patches for the devices in March, April and May, with an
overall security advisory published June 13.
The vulnerabilities are specific to the Broadcom
BCM5820X chip used by Dell in its ControlVault security firmware
and software. The flaw affects laptop models common in the
cybersecurity industry and government settings, according to
Philippe Laulheret, the senior vulnerability researcher at Cisco
Talos who discovered and led the analysis.
"Sensitive industries that require heightened security when
logging in (via smartcard or NFC) are more likely to find
ControlVault devices in their environment," Laulheret wrote in a
blog published Tuesday ahead of a presentation of the analysis
at the Black Hat security conference in Las Vegas scheduled for
August 6.
The findings highlight the need for more security research
focused on computer hardware tasked with handling biometrics and
other sensitive data, said Nick Biasini, head of outreach at
Cisco Talos.
"These concepts of secure enclaves and using biometrics and
these various other types of technologies are getting more and
more widespread," Biasini said. "It's becoming commonplace on
devices but it also introduces a new attack surface."
A spokesperson for Dell said in a statement that the company
addressed the issues "quickly and transparently," and directed
customers to the June 13 advisory. "As always, it is important
that customers promptly apply security updates that we make
available and move to supported versions of our products to
ensure their systems remain secure," the spokesperson said.
Broadcom (AVGO) declined to comment.