CVE-2026-32972
Authorization Bypass in OpenClaw Allows Privilege Escalation

Publication date: 2026-03-29

Last updated on: 2026-03-31

Assigner: VulnCheck

Description
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated operators with only operator.write permission to access admin-only browser profile management routes through browser.request. Attackers can create or modify browser profiles and persist attacker-controlled remote CDP endpoints to disk without holding operator.admin privileges.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-03-29
EPSS evaluated: 2026-05-05
Affected Vendors & Products
Vendor: openclaw
Product: openclaw
Version range: all versions before 2026.3.11 (2026.3.11 itself excluded)
CWE
CWE-863 (Incorrect Authorization): The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-32972 is an authorization bypass vulnerability in OpenClaw versions before 2026.3.11. It allows authenticated users who only have operator.write permissions to access administrative browser profile management routes through the browser.request function.

This flaw enables such users to create or modify browser profiles and persist attacker-controlled remote Chrome DevTools Protocol (CDP) endpoints to disk, actions that should be restricted to users with operator.admin privileges.

The root cause is an incorrect authorization check (CWE-863) that fails to properly enforce the admin boundary for browser profile creation.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows attackers with operator.write permissions to bypass authorization controls and modify browser profiles, including persisting attacker-controlled remote CDP endpoints to disk without admin privileges.

This unauthorized modification capability could lead to integrity violations and potential misuse of system configurations, which may impact compliance with standards and regulations that require strict access controls and data integrity, such as GDPR and HIPAA.

However, the provided information does not explicitly describe direct impacts on confidentiality or personal data breaches, nor does it specify compliance implications with these regulations.


How can this vulnerability impact me?

This vulnerability can allow an attacker with limited operator.write privileges to escalate their capabilities by creating or modifying browser profiles and inserting attacker-controlled remote CDP endpoints.

Such unauthorized changes can compromise the integrity of the system by enabling persistent malicious configurations without requiring full admin privileges.

The impact includes a high integrity risk and a low availability risk, but no direct confidentiality impact.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.3.11 or later, where the authorization bypass issue has been fixed.

The fix ensures that browser profile creation routes correctly enforce admin-level authorization, preventing users with only operator.write permissions from accessing admin-only functions.

Additionally, review and restrict operator permissions to minimize exposure until the upgrade is applied.
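The bug class described above, as an added illustration that is not OpenClaw's code: a hypothetical `browser.request` gateway that checks only operator.write and then forwards to any browser route, beside a version that authorizes against the scope the target route itself demands. Route names, scope strings beyond operator.write and operator.admin, and the caller model are constructed for the example.

```python
"""Hypothetical model of the CVE-2026-32972 bug class (not OpenClaw's code).

A generic gateway action is gated on operator.write and forwards the call to
any browser route, so admin-only profile-management routes become reachable
without operator.admin. The fixed handler resolves the required scope per
target route before dispatching.
"""
from dataclasses import dataclass, field

# Constructed route table: profile management is admin-only, the rest is write-level.
ADMIN_ONLY_ROUTES = {"/profiles", "/profiles/create", "/profiles/update"}
WRITE_ROUTES = {"/tabs/open", "/tabs/close", "/navigate"}


@dataclass
class Caller:
    name: str
    scopes: set = field(default_factory=set)


class Forbidden(Exception):
    pass


def required_scope(route: str) -> str:
    """Map a browser route to the scope it demands; unknown routes are rejected."""
    if route in ADMIN_ONLY_ROUTES:
        return "operator.admin"
    if route in WRITE_ROUTES:
        return "operator.write"
    raise KeyError(route)


def browser_request_vulnerable(caller: Caller, route: str) -> str:
    # One coarse check at the gateway: any operator.write holder reaches every route,
    # including the admin-only profile routes. This is the CWE-863 pattern.
    if "operator.write" not in caller.scopes:
        raise Forbidden(caller.name)
    return f"dispatched {route}"


def browser_request_fixed(caller: Caller, route: str) -> str:
    # Authorize against the scope the target route requires, not the gateway's.
    need = required_scope(route)
    if need not in caller.scopes:
        raise Forbidden(f"{caller.name} lacks {need} for {route}")
    return f"dispatched {route}"


def reaches(handler, caller: Caller, route: str) -> bool:
    """True if the handler lets the caller through to the route."""
    try:
        handler(caller, route)
        return True
    except Forbidden:
        return False
```

In this model an admin caller holds both scopes; the fixed handler still lets it manage profiles while a write-only caller is confined to the write-level routes.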

