CVE-2025-36462: CWE-805 - Buffer Access with Incorrect Length Value in Broadcom BCM5820X
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an API call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with ControlCode 3 (`WBIO_USH_CREATE_CHALLENGE`) and an invalid `ReceiveBufferSize`.
AI Analysis
Technical Summary
CVE-2025-36462 is classified under CWE-805 (Buffer Access with Incorrect Length Value) and affects the Broadcom BCM5820X Storage Adapter functionality embedded in Dell ControlVault3 and ControlVault3 Plus devices prior to versions 5.15.14.19 and 6.2.36.47 respectively. It is triggered by a specially crafted WinBioControlUnit API call: when ControlCode 3 (WBIO_USH_CREATE_CHALLENGE) is submitted with a ReceiveBuffer size greater than zero but less than four bytes, the driver writes up to three null bytes beyond the end of the allocated ReceiveBuffer, an out-of-bounds write. Such memory corruption can lead to arbitrary code execution, privilege escalation, or system crashes, impacting the confidentiality, integrity, and availability of the affected system. The CVSS v3.1 score is 7.3 (high): local attack vector (AV:L), low attack complexity (AC:L), low privileges required (PR:L), and user interaction required (UI:R). Although no exploits are known to be in the wild, the vulnerability poses a significant risk to systems using the affected Broadcom hardware and Dell ControlVault firmware. The affected component is a specialized biometric authentication device that is often integrated into enterprise security solutions, making it a critical concern for organizations relying on it for secure authentication and cryptographic operations.
Potential Impact
For European organizations, the impact of this vulnerability can be severe. The affected Broadcom BCM5820X Storage Adapter is embedded in Dell ControlVault3 devices, which are commonly used in enterprise environments for secure biometric authentication and cryptographic key storage. Exploitation could allow attackers with local access to cause memory corruption, potentially leading to privilege escalation or denial of service. This could compromise sensitive biometric data, cryptographic keys, and authentication mechanisms, undermining the security posture of affected systems. Critical sectors such as finance, government, healthcare, and telecommunications, which rely heavily on strong authentication and data protection, could face operational disruptions and data breaches. Additionally, the requirement for local privileges and user interaction means insider threats or social engineering attacks could trigger exploitation. The lack of known public exploits currently provides a window for proactive mitigation, but the high severity score underscores the urgency for patching and monitoring.
Mitigation Recommendations
1. Apply firmware and driver updates from Dell and Broadcom as soon as they are released to address this vulnerability.
2. Restrict access to the WinBioControlUnit API and related biometric authentication interfaces to trusted users and processes only.
3. Implement strict endpoint security controls to prevent unauthorized local access, including limiting administrative privileges and enforcing strong user authentication.
4. Monitor system logs and biometric device activity for unusual or unexpected WinBioControlUnit calls, especially those involving ControlCode 3 with small ReceiveBuffer sizes.
5. Employ application whitelisting and behavior-based detection to identify attempts to exploit this vulnerability.
6. Educate users about the risks of social engineering that could lead to malicious API calls requiring user interaction.
7. Consider network segmentation and isolation of critical systems using Dell ControlVault devices to reduce exposure.
8. Coordinate with Dell support and security advisories to stay informed about patch availability and best practices.
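To make the CWE-805 pattern behind the technical summary and mitigation item 4 concrete, here is a small model added for this page; it is not Dell's or Broadcom's driver code. It assumes that CREATE_CHALLENGE stores a 4-byte little-endian value into the caller's ReceiveBuffer; the function names, status codes and canary arena are constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model, not Dell/Broadcom code: ControlCode 3 returns a
 * 4-byte challenge into the caller's ReceiveBuffer of ReceiveBufferSize bytes. */
#define WBIO_USH_CREATE_CHALLENGE 3u
#define CHALLENGE_BYTES 4u
#define ARENA_BYTES 8u

enum vault_status { VAULT_OK = 0, VAULT_BUFFER_TOO_SMALL = 1, VAULT_BAD_CONTROL = 2 };

/* Flawed handler (CWE-805): trusts the caller's size and always stores 4 bytes.
 * Simulated inside an 8-byte arena so the demonstration itself stays in bounds:
 * the first receive_size bytes are "the buffer", the rest are 0xFF canaries.
 * Returns how many canary bytes the store clobbered (the bytes past the end). */
size_t flawed_overrun_bytes(size_t receive_size, uint32_t challenge)
{
    uint8_t arena[ARENA_BYTES];
    size_t i, clobbered = 0;

    if (receive_size == 0 || receive_size > ARENA_BYTES)
        return 0;                       /* outside the window this model covers */
    memset(arena, 0xFF, sizeof arena);
    for (i = 0; i < CHALLENGE_BYTES; i++)   /* little-endian store, size ignored */
        arena[i] = (uint8_t)(challenge >> (8 * i));
    for (i = receive_size; i < ARENA_BYTES; i++)
        if (arena[i] != 0xFF)           /* a small challenge spills null bytes */
            clobbered++;
    return clobbered;
}

/* Hardened handler: validates the length before any write and returns an
 * error the caller can act on instead of spilling past the buffer. */
enum vault_status create_challenge(uint32_t control_code, uint8_t *receive_buffer,
                                   size_t receive_size, uint32_t challenge)
{
    size_t i;
    if (control_code != WBIO_USH_CREATE_CHALLENGE) return VAULT_BAD_CONTROL;
    if (receive_buffer == NULL || receive_size < CHALLENGE_BYTES)
        return VAULT_BUFFER_TOO_SMALL;  /* rejects the 1..3-byte case */
    for (i = 0; i < CHALLENGE_BYTES; i++)
        receive_buffer[i] = (uint8_t)(challenge >> (8 * i));
    return VAULT_OK;
}

/* Wrapper for checking the hardened path with a given size (size <= 8). */
int hardened_status(size_t receive_size)
{
    uint8_t buf[ARENA_BYTES];
    return (int)create_challenge(WBIO_USH_CREATE_CHALLENGE, buf, receive_size, 0x2Au);
}
```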
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Belgium
Technical Details
- Data Version: 5.2
- Assigner Short Name: talos
- Date Reserved: 2025-04-15T21:17:08.089Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 691baab2bb922d22627c950a
Added to database: 11/17/2025, 11:07:30 PM
Last enriched: 11/17/2025, 11:16:09 PM
Last updated: 11/18/2025, 9:01:36 AM