Millions of Dell Laptops have malicious firmware!

DarkReading.com reported that ‘A bug in the control board that connects peripheral devices in commonly used Dell laptops allowed malicious access all the way down to the firmware running on the device chip, new research finds.”  The August 22, 2025 article entitled " ReVault Flaw Exposed Millions of Dell Laptops to Malicious Domination” (https://www.darkreading.com/endpoint-security/revault-compromised-secure-soc) included these comments from Philippe Laulheret (senior vulnerability researcher at Cisco Talos):

…it affects the control boards that connect peripherals. Something I found interesting is that any user on the machine can talk with the board and send commands to it, and all of that is not documented. I had to research that. And any user can send comments to the board.

You have user APIs that you can call. When you install the driver for control, it comes with a bunch of code. The idea here is a normal user doesn't know how to use it, but the system comes with files that you can load and send, and they export commands that you can execute to communicate with the board.

If it's a malicious user, you can send malicious commands, or exploit bugs that are running in the firmware that will corrupt memory inside and allow code execution on the chip. You can run your own code.

Have you been impacted?