CVE-2025-36463: CWE-805 - Buffer Access with Incorrect Length Value in Broadcom BCM5820X
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An attacker can issue an API call to trigger this vulnerability. This vulnerability is triggered when submitting a `WinBioControlUnit` call to the StorageAdapter with the ControlCode 4 (`WBIO_USH_ADD_RECORD`) and with an invalid `SendBufferSize`.
AI Analysis
Technical Summary
CVE-2025-36463 is a vulnerability classified under CWE-805 (Buffer Access with Incorrect Length Value) affecting the Broadcom BCM5820X component integrated into Dell ControlVault3 and ControlVault3 Plus devices. The flaw exists in the ControlVault WBDI Driver's Storage Adapter functionality, specifically when processing the WinBioControlUnit API call with ControlCode 4 (WBIO_USH_ADD_RECORD). An attacker with local privileges can submit a specially crafted API call containing an invalid SendBufferSize parameter, triggering multiple out-of-bounds reads and writes. This memory corruption can lead to arbitrary code execution, privilege escalation, or denial of service. The vulnerability has a CVSS 3.1 base score of 7.3, indicating high severity, with attack vector local (AV:L), low attack complexity (AC:L), requiring low privileges (PR:L) and user interaction (UI:R). The scope is unchanged (S:U), but the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). Although no public exploits are known, the vulnerability poses a significant risk due to the sensitive nature of biometric authentication components and potential for system compromise. The affected versions are prior to 5.15.14.19 for ControlVault3 and prior to 6.2.36.47 for ControlVault3 Plus. No patches are currently linked, indicating the need for vigilance and prompt application once available.
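The CWE-805 pattern behind this advisory, a length taken from the request being used for a buffer access without being reconciled with the buffer's real size, is easiest to see in code. The C below is an added illustration written for this page; it is not Dell's, Broadcom's or Talos's code, and the structure layout (`add_record_hdr`, `control_request`, the slot capacity and the verdict codes) is hypothetical. It shows a flawed check that trusts the `record_len` inside the buffer and ignores `send_buffer_size`, next to a hardened check that validates every length against `send_buffer_size` before any payload byte is touched. The constructed requests use a backing array that is always larger than the declared `send_buffer_size`, so the flawed check can be exercised in-bounds while its wrong verdict is observed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout for illustration only: NOT the ControlVault driver's
 * real structures. The point is the CWE-805 pattern the advisory describes:
 * a length taken from the request is used to access a buffer without being
 * reconciled with the buffer's actual size (SendBufferSize). */
#define USH_ADD_RECORD     4    /* ControlCode named in the advisory */
#define RECORD_SLOT_BYTES  64   /* assumed capacity of one storage slot */
#define MAX_SLOTS          8
#define BACKING_BYTES      256  /* constructed test buffer, always in-bounds */

struct add_record_hdr {
    uint32_t record_id;
    uint32_t record_len;        /* caller-declared payload length */
    /* payload bytes follow the header */
};

struct control_request {
    uint32_t    control_code;
    const void *send_buffer;
    uint32_t    send_buffer_size;   /* the SendBufferSize argument */
};

enum verdict { ACCEPT = 0, REJECT_CODE, REJECT_HEADER, REJECT_LENGTH, REJECT_CAPACITY };

static uint8_t slots[MAX_SLOTS][RECORD_SLOT_BYTES];

/* Flawed check: trusts record_len from inside the buffer and never compares
 * it with send_buffer_size, so a short buffer with a large record_len passes.
 * It copies nothing, so it can be exercised safely here. */
enum verdict check_naive(const struct control_request *req)
{
    if (req->control_code != USH_ADD_RECORD) return REJECT_CODE;
    const struct add_record_hdr *h = req->send_buffer;  /* no size check before deref */
    if (h->record_len > RECORD_SLOT_BYTES) return REJECT_CAPACITY;
    return ACCEPT;   /* a copy of record_len bytes would follow: OOB read/write */
}

/* Hardened check: every length is validated against send_buffer_size before
 * any payload byte is touched, and the header is copied out so a concurrently
 * modified caller buffer cannot change it after validation. */
enum verdict check_hardened(const struct control_request *req, struct add_record_hdr *out)
{
    if (req->control_code != USH_ADD_RECORD) return REJECT_CODE;
    if (req->send_buffer == NULL || req->send_buffer_size < sizeof *out)
        return REJECT_HEADER;                        /* too small to hold a header */
    memcpy(out, req->send_buffer, sizeof *out);
    uint32_t payload_avail = req->send_buffer_size - (uint32_t)sizeof *out;
    if (out->record_len > payload_avail)    return REJECT_LENGTH;   /* declared > supplied */
    if (out->record_len > RECORD_SLOT_BYTES) return REJECT_CAPACITY; /* destination too small */
    return ACCEPT;
}

/* Store a record only after the hardened check; the copy length is the
 * validated record_len, never a raw caller value. */
enum verdict add_record(const struct control_request *req, uint32_t slot)
{
    struct add_record_hdr h;
    if (slot >= MAX_SLOTS) return REJECT_CAPACITY;
    enum verdict v = check_hardened(req, &h);
    if (v != ACCEPT) return v;
    const uint8_t *payload = (const uint8_t *)req->send_buffer + sizeof h;
    memset(slots[slot], 0, RECORD_SLOT_BYTES);
    memcpy(slots[slot], payload, h.record_len);
    return ACCEPT;
}

/* Build a constructed request: the backing array is always BACKING_BYTES
 * long regardless of send_buffer_size, so even the naive check stays
 * in-bounds while its wrong decision is observed. */
enum verdict run_case(uint32_t record_len, uint32_t send_buffer_size, int use_hardened)
{
    static uint8_t backing[BACKING_BYTES];
    struct add_record_hdr h = { .record_id = 1, .record_len = record_len };
    memset(backing, 0xAB, sizeof backing);      /* 0xAB marks payload bytes */
    memcpy(backing, &h, sizeof h);
    struct control_request req = { USH_ADD_RECORD, backing, send_buffer_size };
    return use_hardened ? add_record(&req, 0) : check_naive(&req);
}

/* First payload byte of slot 0, to confirm a validated copy actually landed. */
int slot0_first_byte(void) { return slots[0][0]; }

int main(void)
{
    struct { uint32_t len, size; const char *what; } cases[] = {
        { 32, 40,   "consistent lengths" },
        { 32, 4,    "SendBufferSize smaller than the header" },
        { 32, 16,   "record_len larger than the supplied payload" },
        { 100, 108, "record_len larger than the slot" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-45s naive=%d hardened=%d\n", cases[i].what,
               run_case(cases[i].len, cases[i].size, 0),
               run_case(cases[i].len, cases[i].size, 1));
    return 0;
}
```

The naive check accepts a request whose `SendBufferSize` is smaller than the header, and one whose declared `record_len` exceeds the bytes actually supplied; the hardened check rejects both before any copy, and rejects the oversized record against the slot capacity. The order of checks matters: the header size is verified before the header is read, and the payload length is verified against the remaining buffer before it is compared with the destination, so no comparison ever depends on memory that has not already been bounds-checked.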
Potential Impact
For European organizations, this vulnerability threatens the security of biometric authentication systems embedded in Dell hardware using Broadcom BCM5820X components. Successful exploitation could allow attackers to bypass biometric security, escalate privileges, execute arbitrary code, or cause denial of service, potentially compromising sensitive data and critical systems. Sectors such as finance, healthcare, government, and critical infrastructure that rely on biometric authentication for access control are particularly at risk. The requirement for local access and user interaction limits remote exploitation, but insider threats or malware running with user privileges could exploit this flaw. Disruption or compromise of authentication systems could lead to broader network breaches, data theft, or operational downtime, impacting compliance with GDPR and other regulations.
Mitigation Recommendations
Organizations should monitor Dell and Broadcom advisories closely and apply firmware or driver updates for ControlVault3 and ControlVault3 Plus devices as soon as patches become available. Until patches are released, restrict access to systems with affected hardware to trusted users only and implement strict endpoint security controls to prevent unauthorized local access. Disable or limit use of the vulnerable WinBioControlUnit API where feasible. Employ application whitelisting and behavior monitoring to detect anomalous API calls. Conduct thorough audits of biometric authentication logs to identify suspicious activity. Additionally, ensure that user accounts have the minimum necessary privileges to reduce exploitation risk. Network segmentation and endpoint detection and response (EDR) solutions can help contain potential breaches stemming from this vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: talos
- Date Reserved: 2025-04-15T21:17:08.089Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 691baab2bb922d22627c950e
Added to database: 11/17/2025, 11:07:30 PM
Last enriched: 11/25/2025, 12:07:34 AM
Last updated: 1/7/2026, 8:46:59 AM