CVE-2026-53847
Awaiting Analysis Awaiting Analysis - Queue

Privilege Escalation in OpenClaw via Insufficient Scope Validation

Vulnerability report for CVE-2026-53847, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: VulnCheck

Description

OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway operators with operator.write access to modify global configuration without requiring operator.admin privileges. Attackers with operator.write access can exploit insufficient scope validation to apply unauthorized configuration changes beyond the intended write scope.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-16
Last Modified
2026-06-16
Generated
2026-07-07
AI Q&A
2026-06-16
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.5.6 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-53847 is a privilege escalation vulnerability in OpenClaw versions before 2026.5.6. It arises from improper scope validation in the Active Memory write functionality. This flaw allows Gateway operators who have operator.write access to modify global configuration settings without needing operator.admin privileges.

Attackers exploiting this vulnerability can bypass intended restrictions and apply unauthorized configuration changes beyond their designated write scope, potentially affecting the system's configuration integrity.

Compliance Impact

The vulnerability allows attackers with operator.write access to escalate privileges and modify global configuration settings without requiring higher-level admin privileges. This unauthorized configuration change could potentially lead to integrity and availability issues within the system.

While the CVE description and resources do not explicitly mention compliance with standards such as GDPR or HIPAA, the ability to alter global configurations without proper authorization could increase the risk of non-compliance by undermining security controls designed to protect sensitive data and system integrity.

Mitigations such as limiting write access to trusted operators and disabling the affected feature when unnecessary are recommended to reduce the risk, which indirectly supports maintaining compliance with security requirements in common regulations.

Impact Analysis

This vulnerability can allow an attacker with operator.write access to escalate their privileges by modifying global configuration settings without proper authorization.

  • Unauthorized changes to global configuration can lead to system misconfiguration.
  • Potential reduction in system integrity and availability due to unauthorized configuration changes.
  • No direct impact on confidentiality has been observed.

The actual impact depends on the operator configuration and whether lower-trust inputs can reach the affected functionality.

Mitigation Strategies

To mitigate the CVE-2026-53847 vulnerability in OpenClaw, you should take the following immediate steps:

  • Upgrade OpenClaw to version 2026.5.6 or later, where the vulnerability is patched.
  • Limit Active Memory write access strictly to trusted operators.
  • Keep channel and tool allowlists narrow to reduce exposure.
  • Avoid sharing Gateways between untrusted users.
  • Disable the Active Memory write feature if it is not necessary.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53847. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart