{"id":302921,"date":"2025-08-07T14:15:15","date_gmt":"2025-08-07T14:15:15","guid":{"rendered":"https:\/\/www.europesays.com\/fr\/302921\/"},"modified":"2025-08-07T14:15:15","modified_gmt":"2025-08-07T14:15:15","slug":"cette-faille-doit-etre-corrigee-immediatement","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/fr\/302921\/","title":{"rendered":"cette faille doit \u00eatre corrig\u00e9e imm\u00e9diatement"},"content":{"rendered":"<p>Une faille majeure a \u00e9t\u00e9 d\u00e9couverte sur les ordinateurs Dell. Elle permet de se connecter \u00e0 une session Windows sans entrer un mot de passe.<\/p>\n<p><a href=\"https:\/\/images.frandroid.com\/wp-content\/uploads\/2024\/08\/dell-xps-13-arm-test-08.jpg\" target=\"_blank\" class=\"article-content__figure\" rel=\"nofollow noopener\"><img fetchpriority=\"high\" decoding=\"async\" loading=\"eager\" width=\"1200\" height=\"802\" src=\"https:\/\/www.europesays.com\/fr\/wp-content\/uploads\/2025\/08\/dell-xps-13-arm-test-08.jpg\" alt=\"\" class=\"wp-image-2308160 wp-image wp-image\"  \/><\/a><\/p>\n<p>Voil\u00e0 une faille particuli\u00e8rement dangereuse d\u00e9couverte sur les machines Dell. Une br\u00e8che dans le firmware ControlVault3 permet \u00e0 un utilisateur malveillant de se connecter \u00e0 la session Windows sans passer par le mot de passe ou Windows Hello.<\/p>\n<p>Pire, si cette faille est exploit\u00e9e, elle peut r\u00e9sister \u00e0 une r\u00e9installation compl\u00e8tement de Windows. Elle a \u00e9t\u00e9 d\u00e9couverte par Cisco et on en lit les d\u00e9tails sur <a target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/revault-flaws-let-hackers-bypass-windows-login-on-dell-laptops\/\" rel=\"nofollow noopener\">BleepingComputer<\/a>.<\/p>\n<p>ReVault : 5 failles en une<\/p>\n<p>Les \u00e9quipes de Cisco ont en fait identifi\u00e9 5 failles concernant le Control Vault, un composant install\u00e9 sur la carte Unified Security Hub de Dell. On le retrouve sur une centaine de mod\u00e8les de la marque. Ce composant stock les mots de passe, les donn\u00e9es biom\u00e9triques ou de s\u00e9curit\u00e9 de la machine. <\/p>\n<p>En principe, c\u2019est un composant isol\u00e9 et s\u00e9curis\u00e9, mais en associant les cinq vuln\u00e9rabilit\u00e9s (CVE-2025-24311, CVE-2025-25050, CVE-2025-25215, CVE-2025-24922, CVE-2025-24919), un utilisateur malveillant peut ex\u00e9cuter du code sur la machine et toucher \u00e0 ce composant.<\/p>\n<p>Bleeping Computer souligne qu\u2019il est possible de contourner la protection d\u2019une session Windows, ou de donner les droits d\u2019administrateur \u00e0 un simple utilisateur local.<\/p>\n<p>Une mise \u00e0 jour salvatrice<\/p>\n<p>Dell a mis en ligne <a target=\"_blank\" href=\"https:\/\/www.dell.com\/support\/kbdoc\/en-us\/000276106\/dsa-2025-053\" rel=\"nofollow noopener\">un correctif<\/a> permettant de combler ces failles critiques. Il est extr\u00eamement recommand\u00e9 d\u2019installer cette mise \u00e0 jour si l\u2019on poss\u00e8de une machine concern\u00e9e.<\/p>\n<p>On retrouve ce composant dans des PC destin\u00e9s au monde professionnel. La plupart des mod\u00e8les concern\u00e9s appartiennent donc aux familles Latitude, Precision, et les tr\u00e8s r\u00e9cents Dell Pro.<\/p>\n<p>La liste des mod\u00e8les de PC Dell concern\u00e9s<\/p>\n<p>Voici la liste des machines concern\u00e9es d\u2019apr\u00e8s Dell :<\/p>\n<ul class=\"wp-block-list\">\n<li>Dell Pro Max 14 MC14250<\/li>\n<li>Dell Pro Max 16 MC16250<\/li>\n<li>Dell Pro 13 Plus PB13250<\/li>\n<li><a href=\"https:\/\/www.frandroid.com\/marques\/dell\/2572285_test-du-dell-pro-14-plus-nom-incomprehensible-pour-pc-decevant\" rel=\"nofollow noopener\" target=\"_blank\">Dell Pro 14 Plus <\/a>PB14250<\/li>\n<li>Dell Pro 16 Plus PB16250<\/li>\n<li>Dell Pro Rugged 13 RA13250<\/li>\n<li>Dell Pro Rugged 14 RB14250<\/li>\n<li>Latitude 7030 Rugged Extreme Tablet<\/li>\n<li>Latitude 7200 2-in-1\u00a0<\/li>\n<li>Latitude 7210 2-in-1<\/li>\n<li>Latitude 7220EX Rugged Extreme Tablet<\/li>\n<li>Latitude 7220 Rugged Extreme Tablet, <\/li>\n<li>Latitude 7230 Rugged Extreme Tablet, <\/li>\n<li>Latitude 5300 2-in-1, <\/li>\n<li>Latitude 5300, <\/li>\n<li>Latitude 5310 2-in-1, <\/li>\n<li>Latitude 5310, <\/li>\n<li>Latitude 5320, Latitude 5330, <\/li>\n<li>Latitude 5340, Latitude 5350, <\/li>\n<li>Latitude 7300, Latitude 7310, <\/li>\n<li>Latitude 7320, Latitude 7320 Detachable, <\/li>\n<li>Latitude 7330, Latitude 7330 Rugged Extreme, <\/li>\n<li>Latitude 7340, Latitude 7350, <\/li>\n<li>Latitude 7350 Detachable, <\/li>\n<li>Latitude 9330, <\/li>\n<li>Latitude 5400, <\/li>\n<li>Latitude 5401, <\/li>\n<li>Latitude 5410, <\/li>\n<li>Latitude 5411, <\/li>\n<li>Latitude 5421, <\/li>\n<li>Latitude 5430 Rugged, <\/li>\n<li>Latitude 5431, <\/li>\n<li>Latitude 5440, <\/li>\n<li>Latitude 5450, <\/li>\n<li>Latitude 7400 2-in-1, <\/li>\n<li>Latitude 7400, <\/li>\n<li>Latitude 7410, <\/li>\n<li>Latitude 7420, <\/li>\n<li>Latitude 7430, <\/li>\n<li>Latitude 7440, <\/li>\n<li>Latitude 7450, <\/li>\n<li>Latitude 9410, <\/li>\n<li>Latitude 9420, <\/li>\n<li>Latitude 9430, <\/li>\n<li>Latitude 9440 2-in-1, <\/li>\n<li>Latitude 9450 2-in-1, <\/li>\n<li>Latitude 5500, <\/li>\n<li>Latitude 5501, <\/li>\n<li>Latitude 5510, <\/li>\n<li>Latitude 5511, <\/li>\n<li>Latitude 5520, <\/li>\n<li>Latitude 5521, <\/li>\n<li>Latitude 5530, <\/li>\n<li>Latitude 5531, <\/li>\n<li>Latitude 5540, <\/li>\n<li>Latitude 5550, <\/li>\n<li>Latitude 7520, <\/li>\n<li>Latitude 7530, <\/li>\n<li>Latitude 9510, <\/li>\n<li>Latitude 9520, <\/li>\n<li>Latitude 7640, <\/li>\n<li>Latitude 7650, <\/li>\n<li>Latitude 5420, <\/li>\n<li>Latitude 5430, <\/li>\n<li>Precision 3470, <\/li>\n<li>Precision 3480, <\/li>\n<li>Precision 3490, <\/li>\n<li>Precision 5470, <\/li>\n<li>Precision 5480, <\/li>\n<li>Precision 5490, <\/li>\n<li>Precision 3540, <\/li>\n<li>Precision 3541, <\/li>\n<li>Precision 3550, <\/li>\n<li>Precision 3551, <\/li>\n<li>Precision 3560, <\/li>\n<li>Precision 3561, <\/li>\n<li>Precision 3570, <\/li>\n<li>Precision 3571, <\/li>\n<li>Precision 3580, <\/li>\n<li>Precision 3581, <\/li>\n<li>Precision 3590, <\/li>\n<li>Mobile Precision 3591, <\/li>\n<li>Precision 7540, <\/li>\n<li>Precision 7550, <\/li>\n<li>Precision 7560, <\/li>\n<li>Precision 5680, <\/li>\n<li>Mobile Precision 5690, <\/li>\n<li>Precision 7670, <\/li>\n<li>Precision 7680, <\/li>\n<li>Precision 7740, <\/li>\n<li>Precision 7750, <\/li>\n<li>Precision 7760, <\/li>\n<li>Precision 7770, <\/li>\n<li>Precision 7780<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"Une faille majeure a \u00e9t\u00e9 d\u00e9couverte sur les ordinateurs Dell. Elle permet de se connecter \u00e0 une session&hellip;\n","protected":false},"author":2,"featured_media":302922,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[270,1011,27,43,40,41,39,42,44],"class_list":{"0":"post-302921","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-sciences-et-technologies","8":"tag-breaking","9":"tag-fr","10":"tag-france","11":"tag-science","12":"tag-science-and-technology","13":"tag-sciences","14":"tag-sciences-et-technologies","15":"tag-technologies","16":"tag-technology"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@fr\/114987907409243760","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/posts\/302921","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/comments?post=302921"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/posts\/302921\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/media\/302922"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/media?parent=302921"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/categories?post=302921"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/fr\/wp-json\/wp\/v2\/tags?post=302921"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}