Description
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local reconnection to silently escalate privileges and achieve remote code execution on the node.
Published: 2026-04-09
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: Privilege Escalation leading to Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

OpenClaw versions prior to 2026.3.25 suffer a privilege-escalation flaw that occurs when the system silently accepts shared-authentication reconnections. An attacker can trigger a local reconnection to auto-approve scope-upgrade requests, which elevates a paired device’s permissions from operator.read to operator.admin and enables remote code execution on the node. The weakness is classified as CWE-648.

Affected Systems

The affected product is OpenClaw’s OpenClaw application. The vulnerability exists in all releases before the 2026.3.25 patch; users running any prior version on their node devices are at risk.

Risk and Exploitability

With a CVSS v4.0 score of 8.5 (CVSS v3.1: 7.8), the issue is rated High severity. No EPSS score is available and it is not listed in CISA’s KEV catalog. The attack requires local access to a device to trigger the reconnection, so the threat is primarily local; however, the resulting privilege escalation can lead to full remote code execution. Because the vulnerability auto-approves scope upgrades, exploitation can be carried out without user interaction once local access is achieved.

Generated by OpenCVE AI on April 9, 2026 at 22:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to OpenClaw 2026.3.25 or newer.
  • If an upgrade is not feasible, isolate the affected node and block local shared-authentication reconnections.
  • Enable logging and monitor for unexpected reconnections or privilege elevation attempts.



Advisories

No advisories yet.

History

Thu, 09 Apr 2026 21:45:00 +0000

Type | Values Removed | Values Added
Description | (none) | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local reconnection to silently escalate privileges and achieve remote code execution on the node.
Title | (none) | OpenClaw < 2026.3.25 - Privilege Escalation via Silent Local Shared-Auth Reconnect
First Time appeared | (none) | Openclaw; Openclaw openclaw
Weaknesses | (none) | CWE-648
CPEs | (none) | cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products | (none) | Openclaw; Openclaw openclaw
References | (none) | (none)
Metrics | (none) | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-09T21:26:57.589Z

Reserved: 2026-04-04T12:28:49.756Z

Link: CVE-2026-35625

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-09T22:16:30.867

Modified: 2026-04-09T22:16:30.867

Link: CVE-2026-35625

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-10T09:28:37Z

Weaknesses