Impact Analysis

This vulnerability allows local attackers on a multi-user system to read session transcript files that contain sensitive information.

By accessing these transcript JSONL files, attackers can extract secrets and other sensitive data output by tools during sessions.

Such unauthorized access can lead to information disclosure and compromise of confidential data.

Useful 0 Not Useful 0

Executive Summary

CVE-2026-33572 is a vulnerability in OpenClaw versions before 2026.2.17 where session transcript files, stored as JSONL files, were created with overly broad default file permissions.

Because these files did not enforce user-only permissions and relied on the host environment's umask settings, local users on multi-user systems could read these transcript files.

This allowed attackers with local access to extract sensitive information, including secrets from tool output.

The root cause was incorrect default permissions (CWE-276) and incorrect permission assignment for critical resources (CWE-732).

The issue was fixed in version 2026.2.17 by explicitly setting file permissions to 0o600 (read and write for owner only) when creating these transcript files.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by checking the file permissions of session transcript JSONL files created by OpenClaw. Specifically, you should look for transcript files with permissions more permissive than user-only read/write (i.e., permissions other than 600).

You can use commands to find these files and inspect their permissions. For example, on a Unix-like system, you can run:

• find /path/to/openclaw/sessions -name '*.jsonl' -exec ls -l {} + | grep -v '^-rw-------'

This command searches for all JSONL transcript files in the OpenClaw sessions directory and lists those that do not have the strict 600 permission mode, indicating potentially vulnerable files.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability immediately, you should upgrade OpenClaw to version 2026.2.17 or later, where the issue has been fixed by enforcing strict file permissions (600) on session transcript files.

If upgrading is not immediately possible, you can manually fix the permissions of existing transcript files by setting them to user-only read/write (600). For example, run:

• chmod 600 /path/to/openclaw/sessions/*.jsonl

Additionally, you can run the OpenClaw security audit fix command which has been extended to remediate existing transcript files' permissions:

• openclaw security audit --fix

This command scans the sessions directory and corrects permissions on transcript files to prevent unauthorized access.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in OpenClaw prior to version 2026.2.17 involves session transcript JSONL files being created with overly broad default permissions, allowing local users to read sensitive information including secrets from tool output.

This exposure of sensitive data due to improper file permissions could lead to non-compliance with data protection standards and regulations such as GDPR and HIPAA, which require strict controls on access to sensitive information.

By allowing unauthorized local users to access sensitive session transcripts, the vulnerability increases the risk of data breaches and unauthorized disclosure, which are critical compliance concerns under these regulations.

The issue was fixed in version 2026.2.17 by enforcing strict user-only read/write permissions (0o600) on transcript files, mitigating the risk of unauthorized access and helping maintain compliance with security requirements.

Useful 0 Not Useful 0