CVE-2026-32063
Published: 11 March 2026
Summary
CVE-2026-32063 is a medium-severity Command Injection (CWE-77) vulnerability in OpenClaw (vendor: Openclaw). Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 26.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-6 (Least Privilege).
Deeper analysis
CVE-2026-32063 is a command injection vulnerability in OpenClaw versions from 2026.2.19-2 up to, but not including, 2026.2.21, specifically in the systemd unit file generation process. The flaw arises because attacker-controlled environment values from config.env.vars are not validated for CR/LF characters, enabling newline injection. A value containing a line break terminates the Environment= line in the generated unit file, so the remainder of the value is parsed as further systemd directives, allowing an attacker to inject arbitrary directives. The issue is classified under CWE-77 with a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).
An attacker requires local access with low privileges (PR:L) to exploit this vulnerability. By influencing config.env.vars and triggering a service install or restart, the attacker can execute arbitrary commands with the privileges of the OpenClaw gateway service user, with integrity and availability impacts (the vector rates confidentiality impact as none).
Advisories and the referenced patch commit recommend upgrading to OpenClaw version 2026.2.21 or later; the fix is implemented in GitHub commit 61f646c41fb43cd87ed48f9125b4718a30d38e84. Additional details are available in the GitHub Security Advisory GHSA-vffc-f7r7-rx2w and the VulnCheck advisory on the issue.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-11156
Vulnerability details
OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a command injection vulnerability in systemd unit file generation where attacker-controlled environment values are not validated for CR/LF characters, allowing newline injection to break out of Environment= lines and inject arbitrary systemd directives. An attacker who can influence config.env.vars and trigger service install or restart can execute arbitrary commands with the privileges of the OpenClaw gateway service user.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local command injection via a newline in systemd unit generation directly enables privilege escalation (T1068): the injected directives modify a systemd service unit (T1543.002), and the service then runs the attacker's Unix shell commands (T1059.004) as the gateway service user.
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly requires validation of untrusted input (config.env.vars) to reject CR/LF characters before they are written into systemd Environment= lines.
- Access restriction on configuration changes: enforces access restrictions on configuration changes and service installation/restart operations that an attacker must trigger to exploit the unit-file injection.
- AC-6 (Least Privilege): limits the privileges of the OpenClaw gateway service account so that any commands successfully injected via the systemd directive escape have reduced impact.
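The following is an added example, not OpenClaw's own code or its patch, illustrating the SI-10 control above and the unit-file generation defect described in the deeper analysis: a generator that writes Environment= lines from a configuration map and refuses any name or value that could end the line. The function names (`quote_env`, `find_unsafe`, `render_unit`) and the modelling of config.env.vars as a plain dictionary are assumptions for the example; the quoting follows systemd's documented handling of double-quoted Environment= assignments.

```python
"""Hardened systemd Environment= line generation (added example, not OpenClaw code).

A unit file is line-oriented: a CR or LF inside a value terminates the
Environment= line, and whatever follows is parsed as new directives.  The
generator below rejects such values instead of writing them out.
"""
import re
from typing import Dict, List

# Characters that terminate a unit-file line and so must never reach the file.
_LINE_BREAKS = re.compile(r"[\r\n]")
# Assumed rule for this example: names are POSIX-style identifiers.
_VALID_NAME = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


class UnsafeEnvValue(ValueError):
    """Raised when an environment name or value is not safe for a unit file."""


def quote_env(name: str, value: str) -> str:
    """Return one Environment="NAME=value" assignment, refusing CR/LF."""
    if not _VALID_NAME.match(name):
        raise UnsafeEnvValue(f"invalid environment variable name: {name!r}")
    if _LINE_BREAKS.search(value):
        raise UnsafeEnvValue(f"CR/LF not allowed in value of {name}")
    # systemd honours backslash escapes inside double-quoted assignments,
    # so backslash and double quote in the value are escaped.
    escaped = value.replace("\\", "\\\\").replace('"', '\\"')
    return f'Environment="{name}={escaped}"'


def find_unsafe(env_vars: Dict[str, str]) -> List[str]:
    """Names whose value (or name) would be rejected; useful as a config check."""
    bad = []
    for name, value in env_vars.items():
        try:
            quote_env(name, value)
        except UnsafeEnvValue:
            bad.append(name)
    return sorted(bad)


def render_unit(env_vars: Dict[str, str], exec_start: str) -> str:
    """Render a minimal [Service] section; any unsafe variable aborts the render."""
    lines = ["[Service]", f"ExecStart={exec_start}"]
    for name, value in sorted(env_vars.items()):
        lines.append(quote_env(name, value))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed sample configuration; the second map carries a line break.
    safe_vars = {"LOG_LEVEL": "info", "DATA_DIR": "/var/lib/example"}
    print(render_unit(safe_vars, "/usr/bin/example-gateway"))
    broken_vars = {"LOG_LEVEL": "info\nsecond line"}
    print("rejected:", find_unsafe(broken_vars))
```

Validation belongs at the point where the value is about to be written, not only at configuration load time, so that a value reaching the generator through any path is checked once, in one place.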