CVE-2026-35663
Privilege Escalation in OpenClaw via Backend Reconnect Bypass
Publication date: 2026-04-10
Last updated on: 2026-04-13
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | < 2026.3.25 (2026.3.25 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-648 | The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthorized privilege escalation, enabling non-admin operators to gain administrative privileges by bypassing pairing requirements. This improper privilege management and incorrect authorization can lead to unauthorized access to sensitive data and critical system functions.
Such unauthorized access and privilege escalation can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict access controls and protection of sensitive information. Failure to enforce proper authorization and privilege restrictions may result in violations of these regulations, potentially leading to data breaches, legal penalties, and loss of trust.
Can you explain this vulnerability to me?
CVE-2026-35663 is a critical privilege escalation vulnerability in OpenClaw versions before 2026.3.25. It allows non-admin operators to improperly escalate their privileges by self-requesting broader scopes during backend reconnect operations. Specifically, the vulnerability arises because the system skips the required device pairing step when reconnecting with backend-labeled requests, enabling attackers to bypass pairing requirements and reconnect as operator.admin, gaining unauthorized administrative privileges.
The root cause is improper enforcement of scope restrictions and authorization checks during backend reconnects, classified under CWE-269 (Improper Privilege Management) and CWE-863 (Incorrect Authorization). The issue was fixed by removing the bypass that allowed backend clients to skip pairing and enforcing mandatory pairing whenever requested scopes exceed the approved baseline.
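The two paragraphs above describe the flaw as a reconnect path that lets a "backend"-labeled request skip pairing even when it asks for scopes beyond what the device was approved for. The following added example (not OpenClaw's code) models that decision in TypeScript, with the vulnerable shape beside the fixed one. `ReconnectRequest`, `Decision`, the in-memory `approvedScopes` store and the baseline scope name `operator.read` are assumptions for illustration; `operator.admin` is the scope named in the advisory.

```typescript
// Added example: scope-upgrade check on a backend reconnect (not OpenClaw's code).
// Shape of a reconnect request as assumed here; the `backend` flag is client-supplied.
interface ReconnectRequest {
  deviceId: string;
  backend: boolean;
  requestedScopes: string[];
}

type Decision = "allow" | "pairing-required";

// Scopes each device was granted at its last approved pairing (constructed sample data).
const approvedScopes: Map<string, Set<string>> = new Map([
  ["device-a", new Set(["operator.read"])], // "operator.read" is a hypothetical baseline scope
]);

// True when the request asks for at least one scope the device was never approved for.
function exceedsBaseline(req: ReconnectRequest): boolean {
  const baseline = approvedScopes.get(req.deviceId) ?? new Set<string>();
  return req.requestedScopes.some((scope) => !baseline.has(scope));
}

// Vulnerable shape: the backend label short-circuits the pairing check, so a
// non-admin client that merely sets backend=true reconnects with operator.admin.
function decideVulnerable(req: ReconnectRequest): Decision {
  if (req.backend) {
    return "allow";
  }
  return exceedsBaseline(req) ? "pairing-required" : "allow";
}

// Fixed shape: the label carries no authority. Any requested scope outside the
// approved baseline forces a fresh pairing approval, whoever the client claims to be.
function decideFixed(req: ReconnectRequest): Decision {
  return exceedsBaseline(req) ? "pairing-required" : "allow";
}
```

The important property of `decideFixed` is that the authorization decision depends only on server-side state (the approved baseline) and the requested scopes, never on a field the client controls. A reconnect that stays within its baseline still succeeds without friction, which is what the fix in 2026.3.25 is described as preserving.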
How can this vulnerability impact me?
This vulnerability can have severe impacts by allowing attackers who have non-administrative access to escalate their privileges to administrative level without proper authorization. This unauthorized access can lead to full control over the OpenClaw system, compromising confidentiality, integrity, and availability of the system and its data.
Because the attack vector is network-based with low complexity and no user interaction required, it poses a high risk of exploitation. Attackers can bypass security controls designed to restrict scope upgrades, potentially leading to unauthorized configuration changes, data exposure, or disruption of services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves unauthorized backend reconnect requests that bypass pairing requirements to escalate privileges. Detection would focus on monitoring backend reconnect attempts that request elevated scopes, especially those that attempt to escalate from non-admin to operator.admin roles without proper pairing.
Specifically, you should look for backend reconnect requests that trigger device pairing requests or error messages indicating "pairing required". Monitoring logs for such pairing request events (e.g., device.pair.requested) or reconnect failures due to missing pairing can help identify exploitation attempts.
While no explicit commands are provided in the resources, network or system administrators can monitor backend reconnect API calls or WebSocket connections for scope upgrade requests and check for pairing enforcement events or errors.
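The detection guidance above amounts to two checks: find reconnects that request scopes beyond a device's approved baseline, and see whether a pairing request (`device.pair.requested`) followed, which is what an enforcing build should produce. The added example below (not OpenClaw's code or log format) implements that correlation in TypeScript over constructed JSON-lines log entries. The `backend.reconnect` event name, the `scopes`/`deviceId` field names, the five-second correlation window and the sample log lines are all assumptions; `device.pair.requested` and `operator.admin` come from the advisory text.

```typescript
// Added example: correlate scope-escalating reconnects with pairing events (not OpenClaw's code).
interface LogEvent {
  ts: string;        // ISO-8601 timestamp (assumed field)
  event: string;     // e.g. "backend.reconnect" (assumed), "device.pair.requested" (from advisory)
  deviceId: string;  // assumed field
  scopes?: string[]; // scopes requested on reconnect (assumed field)
}

interface Finding {
  ts: string;
  deviceId: string;
  escalatedTo: string[]; // requested scopes outside the approved baseline
  pairingSeen: boolean;  // a device.pair.requested followed within the window
}

// Parse JSON-lines input, skipping blank or malformed lines rather than aborting the scan.
function parseLogLines(lines: string[]): LogEvent[] {
  const out: LogEvent[] = [];
  for (const line of lines) {
    if (line.trim() === "") continue;
    try {
      out.push(JSON.parse(line) as LogEvent);
    } catch {
      // malformed line: ignore
    }
  }
  return out;
}

// Flag reconnects that request scopes beyond the baseline and record whether pairing was enforced.
// A finding with pairingSeen=false is the pattern an unpatched instance would leave behind.
function findScopeEscalations(
  lines: string[],
  baseline: Map<string, Set<string>>,
  windowMs = 5000,
): Finding[] {
  const events = parseLogLines(lines);
  const findings: Finding[] = [];
  events.forEach((ev, i) => {
    if (ev.event !== "backend.reconnect") return;
    const approved = baseline.get(ev.deviceId) ?? new Set<string>();
    const extra = (ev.scopes ?? []).filter((s) => !approved.has(s));
    if (extra.length === 0) return;
    const t0 = Date.parse(ev.ts);
    const pairingSeen = events.slice(i + 1).some(
      (later) =>
        later.event === "device.pair.requested" &&
        later.deviceId === ev.deviceId &&
        Date.parse(later.ts) - t0 <= windowMs,
    );
    findings.push({ ts: ev.ts, deviceId: ev.deviceId, escalatedTo: extra, pairingSeen });
  });
  return findings;
}

// Constructed sample: device-a escalates and pairing is requested; device-b escalates with no pairing.
const SAMPLE_LOG_LINES: string[] = [
  '{"ts":"2026-04-11T10:02:11Z","event":"backend.reconnect","deviceId":"device-a","scopes":["operator.read"]}',
  '{"ts":"2026-04-11T10:02:40Z","event":"backend.reconnect","deviceId":"device-a","scopes":["operator.admin"]}',
  '{"ts":"2026-04-11T10:02:41Z","event":"device.pair.requested","deviceId":"device-a","scopes":["operator.admin"]}',
  '{"ts":"2026-04-11T10:03:05Z","event":"backend.reconnect","deviceId":"device-b","scopes":["operator.admin"]}',
];

// Constructed baseline: both devices were only ever approved for the hypothetical "operator.read" scope.
const SAMPLE_BASELINE: Map<string, Set<string>> = new Map([
  ["device-a", new Set(["operator.read"])],
  ["device-b", new Set(["operator.read"])],
]);

function runSample(): Finding[] {
  return findScopeEscalations(SAMPLE_LOG_LINES, SAMPLE_BASELINE);
}
```

On the sample, the device-a escalation is followed by a pairing request and is therefore consistent with an enforcing build, while the device-b escalation has no pairing event and is the one worth investigating. In practice the baseline would come from the pairing store rather than a hard-coded map, and the window should be tuned to how quickly the instance emits pairing events.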
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade OpenClaw to version 2026.3.25 or later, where the vulnerability is fixed by enforcing mandatory pairing for backend reconnect scope upgrades.
- Update OpenClaw to version 2026.3.25 or newer.
- Ensure that backend reconnect requests require explicit device pairing approval, preventing unauthorized scope escalation.
- Review and monitor logs for any unauthorized backend reconnect attempts requesting elevated scopes.