Cyber Posture

CVE-2026-40502

HighPublic PoC

Published: 16 April 2026

Published
16 April 2026
Modified
23 April 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0112 78.3th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execute administrative…

more

commands such as /permissions full_auto through remote chat sessions to change permission modes of a running OpenHarness instance without operator authorization.

Mitigating Controls (NIST 800-53 r5)AI

AC-3 Access Enforcement good match
prevent

AC-3 Access Enforcement directly addresses the insufficient distinction between local-only and remote-safe commands in the gateway handler by requiring enforcement of approved authorizations for administrative command execution.

AC-6 Least Privilege good match
prevent

AC-6 Least Privilege prevents remote gateway users with chat access from executing sensitive administrative commands like /permissions full_auto by restricting privileges to only those necessary for assigned tasks.

SI-10 Information Input Validation good match
prevent

SI-10 Information Input Validation mitigates the command injection vulnerability by validating and sanitizing remote chat inputs to block unauthorized administrative command execution.

Security SummaryAI

CVE-2026-40502 is a command injection vulnerability (CWE-862) in OpenHarness prior to commit dd1d235, stemming from insufficient distinction between local-only and remote-safe commands in the gateway handler. This flaw allows remote gateway users with chat access to invoke sensitive administrative commands, such as /permissions full_auto, via remote chat sessions. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant confidentiality, integrity, and availability impacts.

Attackers require low privileges, specifically remote access to the gateway with chat capabilities, to exploit this issue over the network with low complexity and no user interaction. Successful exploitation enables execution of unauthorized administrative commands on a running OpenHarness instance, such as altering permission modes without operator approval, potentially leading to full compromise of the system's administrative controls.

Mitigation involves updating to OpenHarness commit dd1d235 or later, as detailed in the project's GitHub commit (https://github.com/HKUDS/OpenHarness/commit/dd1d235450dd987b20bff01b7bfb02fe8620a0af) and pull request #127 (https://github.com/HKUDS/OpenHarness/pull/127). Additional guidance is available in the VulnCheck advisory (https://www.vulncheck.com/advisories/openharness-remote-administrative-command-injection-via-gateway-handler), which confirms the patch addresses the command distinction flaw in the gateway handler.

Details

CWE(s)
CWE-862

Affected Products

hkuds
openharness
≤ 2026-04-13

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
attack.mitre.org →
Why these techniques?

The vulnerability enables low-privileged remote users to execute unauthorized administrative commands via the gateway handler, directly facilitating exploitation for privilege escalation (T1068) and exploitation of remote services (T1210).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References