Cyber Posture

CVE-2026-35639

Severity: High · Public PoC

Published: 09 April 2026
Modified: 15 April 2026
KEV Added:
Patch:
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0027 (50.3rd percentile)
Risk Priority: 18 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Description

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit the insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure.

Mitigating Controls (NIST 800-53 r5) [AI]

- prevent: Employs least privilege to ensure operator.pairing approvers cannot approve or grant broader scopes like operator.admin, directly preventing privilege escalation.
- prevent: Enforces access control policies, including scope validation in the device.pair.approve method, to block unauthorized privilege grants.
- prevent: Validates inputs to the device.pair.approve method against the approver's held scopes, mitigating insufficient scope validation exploits.

Security Summary [AI]

CVE-2026-35639 is a privilege escalation vulnerability affecting OpenClaw versions before 2026.3.22, located in the device.pair.approve method. The flaw arises from insufficient scope validation, enabling an operator.pairing approver to approve pending device requests with broader operator scopes than the approver holds. This issue, published on 2026-04-09, is mapped to CWE-648 and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

An attacker with low-privilege operator.pairing approver access can exploit this vulnerability remotely over the network with low complexity and no user interaction. By manipulating the approval process, they can escalate privileges to operator.admin, leading to remote code execution on the Node infrastructure.

Mitigation details are outlined in the OpenClaw GitHub security advisory (GHSA-hf68-49fm-59cq) and the fix commits (630f1479c44f78484dfa21bb407cbe6f171dac87 and fc2d29ea926f47c428c556e92ec981441228d2a4), which address the scope validation deficiency. VulnCheck's advisory (vulncheck.com/advisories/openclaw-privilege-escalation-via-device-pair-approve-scope-validation) provides additional analysis. Practitioners should upgrade to OpenClaw 2026.3.22 or later.
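The control that closes this class of bug is a delegation check: an approver may grant a pending device only scopes the approver itself holds. The block below is an added, self-contained TypeScript model of that check and is not OpenClaw's code; the scope names (`operator.pairing`, `operator.read`, `operator.write`, `operator.admin`), the `Approver` and `PendingRequest` shapes, the function names and the sample requests are all constructed for illustration. `approveUnchecked` shows the weak pattern the description implies (only "may this caller approve at all?" is tested), and `approveScoped` shows the hardened form, returning a reason string that a deployment would write to its audit log so escalation attempts are visible.

```typescript
// Added example: scope-subset validation for a pairing-approval method.
// Hypothetical model; the scope names, types and functions are not OpenClaw's API.

type Scope = "operator.pairing" | "operator.read" | "operator.write" | "operator.admin";

interface Approver {
  id: string;
  scopes: Set<Scope>; // scopes the approving operator actually holds
}

interface PendingRequest {
  deviceId: string;
  requestedScopes: Scope[]; // scopes the pending device asked to be granted
}

interface Decision {
  approved: boolean;
  grantedScopes: Scope[];
  reason: string; // suitable for an audit log line
}

// Weak pattern (illustrative): checks that the caller may approve at all,
// then grants whatever the pending request asked for, even scopes the
// approver does not hold. This is the shape of flaw the advisory describes.
function approveUnchecked(approver: Approver, req: PendingRequest): Decision {
  if (!approver.scopes.has("operator.pairing")) {
    return { approved: false, grantedScopes: [], reason: "approver lacks operator.pairing" };
  }
  return { approved: true, grantedScopes: [...req.requestedScopes], reason: "approved" };
}

// Hardened pattern: an approver can only delegate scopes it holds itself.
// Any requested scope outside the approver's own set rejects the whole request
// (deny the request rather than silently trimming it, so the attempt is logged).
function approveScoped(approver: Approver, req: PendingRequest): Decision {
  if (!approver.scopes.has("operator.pairing")) {
    return { approved: false, grantedScopes: [], reason: "approver lacks operator.pairing" };
  }
  const excess = req.requestedScopes.filter((s) => !approver.scopes.has(s));
  if (excess.length > 0) {
    return {
      approved: false,
      grantedScopes: [],
      reason: `approver ${approver.id} denied ${req.deviceId}: requested scopes exceed approver's (${excess.join(", ")})`,
    };
  }
  return { approved: true, grantedScopes: [...req.requestedScopes], reason: "approved" };
}

// Constructed sample data (not from the advisory).
const sampleApprover: Approver = {
  id: "op-1",
  scopes: new Set<Scope>(["operator.pairing", "operator.read"]),
};
const escalatingRequest: PendingRequest = {
  deviceId: "dev-42",
  requestedScopes: ["operator.read", "operator.admin"],
};
const benignRequest: PendingRequest = {
  deviceId: "dev-43",
  requestedScopes: ["operator.read"],
};

// Runs both approvers over both requests so the difference is visible side by side.
function demo(): Record<string, Decision> {
  return {
    uncheckedEscalating: approveUnchecked(sampleApprover, escalatingRequest),
    scopedEscalating: approveScoped(sampleApprover, escalatingRequest),
    scopedBenign: approveScoped(sampleApprover, benignRequest),
  };
}

for (const [name, d] of Object.entries(demo())) {
  console.log(`${name}: approved=${d.approved} granted=[${d.grantedScopes.join(", ")}] reason=${d.reason}`);
}
```

With the constructed data, `approveUnchecked` grants `operator.admin` to dev-42 although the approver only holds pairing and read; `approveScoped` denies that request with a loggable reason and still approves the benign read-only request. The same subset check belongs on any path that can widen a principal's scopes, not only the one method named in this record.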

Details

CWE(s)

CWE-648

Affected Products

openclaw
openclaw
≤ 2026.3.22

MITRE ATT&CK Enterprise Techniques [AI]

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The vulnerability is a privilege escalation flaw exploited by low-privileged users to gain admin privileges, directly mapping to Exploitation for Privilege Escalation (T1068), enabling remote code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References