CVE-2026-35639
Published: 09 April 2026
Summary
CVE-2026-35639 is a high-severity Incorrect Use of Privileged APIs (CWE-648) vulnerability in OpenClaw. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 45.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Employs least privilege to ensure operator.pairing approvers cannot approve or grant broader scopes like operator.admin, directly preventing privilege escalation.
Enforces access control policies including scope validation in the device.pair.approve method to block unauthorized privilege grants.
Validates inputs to the device.pair.approve method against the approver's held scopes, mitigating insufficient scope validation exploits.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a privilege escalation flaw exploited by low-privileged users to gain admin privileges, directly mapping to Exploitation for Privilege Escalation (T1068), enabling remote code execution.
NVD Description
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation to escalate privileges to operator.admin and achieve remote code execution on the Node infrastructure.
Deeper analysis
CVE-2026-35639 is a privilege escalation vulnerability affecting OpenClaw versions before 2026.3.22, located in the device.pair.approve method. The flaw arises from insufficient scope validation, enabling an operator.pairing approver to approve pending device requests with broader operator scopes than the approver holds. This issue, published on 2026-04-09, is mapped to CWE-648 and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
An attacker with low-privilege operator.pairing approver access can exploit this vulnerability remotely over the network with low complexity and no user interaction. By manipulating the approval process, they can escalate privileges to operator.admin, leading to remote code execution on the Node infrastructure.
Mitigation details are outlined in the OpenClaw GitHub security advisory (GHSA-hf68-49fm-59cq) and the fix commits (630f1479c44f78484dfa21bb407cbe6f171dac87 and fc2d29ea926f47c428c556e92ec981441228d2a4), which address the scope validation deficiency. VulnCheck's advisory (vulncheck.com/advisories/openclaw-privilege-escalation-via-device-pair-approve-scope-validation) provides additional analysis. Practitioners should upgrade to OpenClaw 2026.3.22 or later.
Details
- CWE(s)