Description
OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin tokens for paired devices and achieve remote code execution on connected nodes via system.run or gain unauthorized gateway-admin access.
Published: 2026-03-29
Score: 9.4 Critical
EPSS: n/a
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a privilege escalation flaw in the device.token.rotate endpoint of OpenClaw. Callers who possess operator.pairing scope can mint new tokens without the system enforcing the scope limits of the caller. As a result, an attacker can create tokens with broader scopes, including operator.admin, and gain elevated privileges. With operator.admin tokens, the attacker can remotely execute arbitrary commands on connected nodes via the system.run capability or gain unauthorized access to gateway administration functions. This weakness is classified as a Permissions Management Error (CWE-266).

Affected Systems

The affected product is OpenClaw. Versions below 2026.3.11 contain the flaw; upgrading to 2026.3.11 or later resolves the issue.

Risk and Exploitability

The flaw carries a CVSS score of 9.4, indicating critical severity. Although EPSS data is unavailable, the high score suggests that exploitation is feasible if an attacker can reach the device.token.rotate function. An attacker does not need to compromise the device directly; possessing operator.pairing scope is sufficient to elevate privileges. The vulnerability is not listed as a Known Exploited Vulnerability, but the severity presents a significant risk to any environment where OpenClaw is deployed, especially if devices connect over insecure networks.

Generated by OpenCVE AI on March 29, 2026 at 14:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.3.11 or later to eliminate the vulnerability.
  • Verify that token scopes are properly constrained by testing the device.token.rotate endpoint.
  • If an immediate upgrade is not possible, restrict or revoke the operator.pairing scope, limiting its use to trusted personnel.
  • Monitor authentication and token creation logs for any abnormal activity indicating token forging.
  • Apply network segmentation and firewall rules to limit access to the device.token.rotate endpoint, reducing the attack surface.



Advisories

No advisories yet.

History

Sun, 29 Mar 2026 13:15:00 +0000

Type                | Values Removed | Values Added
Description         |                | OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to the caller's current scope set. Attackers can obtain operator.admin tokens for paired devices and achieve remote code execution on connected nodes via system.run or gain unauthorized gateway-admin access.
Title               |                | OpenClaw < 2026.3.11 - Privilege Escalation via Unvalidated Scope in device.token.rotate
First Time appeared |                | Openclaw; Openclaw openclaw
Weaknesses          |                | CWE-266
CPEs                |                | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products  |                | Openclaw; Openclaw openclaw
References          |                |
Metrics             |                | cvssV3_1: {'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}
                    |                | cvssV4_0: {'score': 9.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-29T12:44:22.872Z

Reserved: 2026-03-16T21:19:31.966Z

Link: CVE-2026-32922

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-29T13:17:00.573

Modified: 2026-03-29T13:17:00.573

Link: CVE-2026-32922

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-29T20:31:34Z

Weaknesses