CVE-2026-35625
Published: 09 April 2026
Summary
CVE-2026-35625 is a high-severity Incorrect Use of Privileged APIs (CWE-648) vulnerability in OpenClaw. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 13.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-11 (Re-authentication).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Timely flaw remediation through patching directly prevents exploitation of the privilege escalation vulnerability in OpenClaw by applying the fix that blocks silent scope upgrades.
- Re-authentication (IA-11) for privilege changes counters the silent auto-approval of scope upgrades during local shared-auth reconnects.
- Access enforcement (AC-3) applies access control policies that prevent unauthorized permission widening from operator.read to operator.admin without approval.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is explicitly a local privilege escalation flaw allowing low-privileged attackers to silently gain admin rights via automatic scope upgrade approval, directly enabling T1068 Exploitation for Privilege Escalation and subsequent RCE.
NVD Description
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local reconnection to silently escalate privileges and achieve remote code execution on the node.
Deeper analysis
CVE-2026-35625 is a privilege escalation vulnerability in OpenClaw versions before 2026.3.25. The flaw occurs when silent local shared-auth reconnects automatically approve scope-upgrade requests, enabling paired device permissions to expand from operator.read to operator.admin without user interaction.
A local attacker with low privileges can exploit this vulnerability by triggering a local reconnection, which silently escalates privileges and leads to remote code execution on the node. The CVSS v3.1 base score is 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high confidentiality, integrity, and availability impacts, and it maps to CWE-648.
Mitigation involves updating to OpenClaw 2026.3.25 or later, as detailed in the fixing commit at https://github.com/openclaw/openclaw/commit/81ebc7e0344fd19c85778e883bad45e2da972229. Additional guidance is provided in the GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-fqw4-mph7-2vr8 and the Vulncheck advisory at https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-silent-local-shared-auth-reconnect.
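To make the flaw class concrete, the following added example (not OpenClaw's code or its fixing commit) contrasts a reconnect handler that treats a valid shared-auth token as approval of any requested scopes with one that enforces the recorded grant and parks any widening for explicit operator re-authentication. The scope names operator.read and operator.admin come from the advisory; the scope ranking, the record shapes and both handlers are assumptions for illustration.

```typescript
// Added illustration, not OpenClaw's code: the scope names operator.read and
// operator.admin come from the advisory; the ranking, record shapes and the two
// handlers are assumptions used to contrast the flawed and the hardened behaviour.
type Scope = "operator.read" | "operator.write" | "operator.admin";

// Assumed privilege order; a higher rank grants strictly more than a lower one.
const SCOPE_RANK: Record<Scope, number> = {
  "operator.read": 0,
  "operator.write": 1,
  "operator.admin": 2,
};

interface PairedDevice { id: string; grantedScopes: Scope[]; }
interface ReconnectRequest { deviceId: string; sharedAuthValid: boolean; requestedScopes: Scope[]; }
type ReconnectResult =
  | { status: "rejected"; reason: string }
  | { status: "connected"; scopes: Scope[] }
  | { status: "approval_required"; widened: Scope[] };

// Scopes in the request that exceed anything the device was previously granted.
function wideningScopes(granted: Scope[], requested: Scope[]): Scope[] {
  const ceiling = Math.max(-1, ...granted.map((s) => SCOPE_RANK[s]));
  return requested.filter((s) => SCOPE_RANK[s] > ceiling);
}

// Flawed pattern (the behaviour the advisory describes): a valid shared-auth
// token on a local reconnect is treated as approval of whatever scopes the
// reconnecting device asks for, so operator.read silently becomes operator.admin.
function reconnectVulnerable(device: PairedDevice, req: ReconnectRequest): ReconnectResult {
  if (req.deviceId !== device.id || !req.sharedAuthValid) {
    return { status: "rejected", reason: "unknown device or invalid shared auth" };
  }
  return { status: "connected", scopes: req.requestedScopes }; // no widening check
}

// Hardened pattern: shared auth only restores the scopes already on record (AC-3);
// any request that widens them is parked until an operator explicitly
// re-authenticates and approves it (IA-11) instead of being auto-approved.
function reconnectHardened(device: PairedDevice, req: ReconnectRequest): ReconnectResult {
  if (req.deviceId !== device.id || !req.sharedAuthValid) {
    return { status: "rejected", reason: "unknown device or invalid shared auth" };
  }
  const widened = wideningScopes(device.grantedScopes, req.requestedScopes);
  if (widened.length > 0) {
    return { status: "approval_required", widened };
  }
  return { status: "connected", scopes: device.grantedScopes };
}
```

The "approval_required" outcome is the point at which a real implementation would prompt the operator and log the attempted widening, giving detection engineering a signal that the silent path never produced.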
Details
- CWE(s)