Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-22217 is an arbitrary code execution vulnerability in OpenClaw versions prior to 2026.2.23. It arises from the shell-env component's fallback logic for the $SHELL environment variable, which trusted certain directory prefixes to select a shell executable. If an attacker can write to one of these trusted-prefix directories (such as /opt/homebrew/bin) and influence the $SHELL environment variable, they can cause OpenClaw to execute attacker-controlled binaries within its process context."}, {'type': 'paragraph', 'content': "The vulnerability occurs because the fallback mechanism allowed execution of shells not explicitly registered in the system's /etc/shells file, relying instead on hardcoded trusted directory prefixes. This allowed attackers with local or environment control to execute arbitrary code by placing malicious binaries in writable trusted-prefix directories and manipulating $SHELL."}, {'type': 'paragraph', 'content': 'The issue was fixed in OpenClaw version 2026.2.23 by removing the trusted-prefix fallback and requiring that only shells explicitly listed in /etc/shells are trusted.'}] [1, 2, 3]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an attacker who can influence the $SHELL environment variable and write to trusted-prefix directories to execute arbitrary code within the OpenClaw process context.

Such arbitrary code execution can lead to unauthorized actions being performed on the affected system, potentially compromising system integrity, confidentiality, and availability.

Because the attacker can run arbitrary binaries, this could be used to escalate privileges, install malware, or disrupt normal operations.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'Detection involves checking if your system is running OpenClaw versions prior to 2026.2.23 and if any trusted-prefix directories such as /opt/homebrew/bin are writable by untrusted users. Additionally, you should verify if the $SHELL environment variable can be influenced by an attacker.'}, {'type': 'list_item', 'content': 'Check OpenClaw version: run `openclaw --version` or check the installed package version to confirm if it is 2026.2.22 or earlier.'}, {'type': 'list_item', 'content': 'Check if trusted-prefix directories are writable: run `ls -ld /opt/homebrew/bin` and verify permissions to see if non-root users can write to it.'}, {'type': 'list_item', 'content': "Inspect the $SHELL environment variable in the context of OpenClaw processes: use `ps aux | grep openclaw` and check environment variables with `cat /proc/<pid>/environ | tr '\\0' '\\n' | grep SHELL` (Linux) to see if $SHELL is set to an unexpected or attacker-controlled path."}, {'type': 'list_item', 'content': 'Look for suspicious or unexpected executable files in trusted-prefix directories that could be malicious binaries.'}] [1, 2]

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation is to upgrade OpenClaw to version 2026.2.23 or later, which removes the vulnerable trusted-prefix fallback logic and restricts trusted shells to those explicitly listed in /etc/shells.

• Update OpenClaw to version 2026.2.23 or newer.
• Ensure that trusted-prefix directories such as /opt/homebrew/bin are not writable by untrusted users to prevent placement of malicious binaries.
• Audit and restrict environment variable manipulation, especially the $SHELL variable, in contexts where OpenClaw runs.
• Verify that only shells explicitly registered in /etc/shells are used by OpenClaw processes.

Useful 0 Not Useful 0