CVE-2025-36462 is a buffer access vulnerability classified under CWE-805, affecting the Broadcom BCM5820X Storage Adapter functionality integrated into Dell ControlVault3 and ControlVault3 Plus devices. The flaw exists due to improper validation of the ReceiveBufferSize parameter in the WinBioControlUnit API call, specifically when invoked with ControlCode 3 (WBIO_USH_CREATE_CHALLENGE). This improper validation leads to multiple out-of-bounds reads and writes, causing memory corruption. The vulnerability can be triggered by a specially crafted API call issued by an attacker with local privileges and requires user interaction, such as executing a malicious application or script that calls the vulnerable API. The impact includes potential privilege escalation, arbitrary code execution, or denial of service due to corrupted memory states. The CVSS v3.1 score is 7.3 (high), reflecting high confidentiality, integrity, and availability impacts, with low attack complexity but requiring low privileges and user interaction. No public exploits have been reported yet, but the vulnerability is significant due to the sensitive role of ControlVault devices in secure authentication and cryptographic operations. The affected versions are Dell ControlVault3 prior to 5.15.14.19 and ControlVault3 Plus prior to 6.2.36.47. As of now, no official patches are linked, but vendors are expected to release updates to address this issue.

The vulnerability poses a serious risk to organizations using Dell ControlVault3 and ControlVault3 Plus devices with Broadcom BCM5820X components, which are often deployed in enterprise environments for biometric authentication and secure key storage. Successful exploitation can lead to memory corruption, enabling attackers to escalate privileges, execute arbitrary code within the context of the vulnerable driver, or cause denial of service by crashing critical security components. This can compromise the confidentiality and integrity of sensitive authentication data and cryptographic operations, potentially allowing attackers to bypass security controls or gain persistent access. The requirement for local privileges and user interaction limits remote exploitation but does not eliminate risk, especially in environments where users may be tricked into running malicious code. The absence of known exploits in the wild currently reduces immediate threat but does not preclude future attacks, especially from sophisticated adversaries targeting high-value assets. The impact extends to any organization relying on these devices for secure authentication, including government, financial, healthcare, and large enterprise sectors.

Organizations should monitor Dell and Broadcom advisories closely for official patches addressing this vulnerability and apply them promptly once available. Until patches are released, restrict access to the vulnerable WinBioControlUnit API by limiting user permissions and employing application whitelisting to prevent untrusted code execution. Implement strict endpoint security controls to detect and block attempts to invoke the vulnerable API with malformed parameters. Conduct user awareness training to reduce the risk of social engineering attacks that could trigger user interaction-based exploitation. Employ runtime protection and memory integrity features where supported to mitigate exploitation of memory corruption vulnerabilities. Additionally, audit and monitor logs for unusual activity related to biometric or ControlVault operations. Coordinate with hardware and software vendors to confirm firmware and driver versions and ensure systems are updated to the latest secure releases. Consider isolating or segmenting systems with ControlVault devices to limit lateral movement in case of compromise.