CVE-2026-41404
Published: 28 April 2026
Summary
CVE-2026-41404 is a high-severity Incorrect Authorization (CWE-863) vulnerability in Openclaw Openclaw. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 22.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-24 (Access Control Decisions) and AC-3 (Access Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces approved authorizations for access to system resources, directly preventing privilege escalation from persistent self-declared operator scopes in trusted-proxy authentication.
Authorizes access based on correctly evaluated security attributes and policies, addressing the incomplete scope-clearing that allows unauthorized operator.admin escalation.
Restricts privileges to the minimum necessary for tasks, mitigating escalation to operator.admin via improperly persisted scopes on non-Control-UI clients.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is an authorization flaw (CWE-863) allowing low-privileged authenticated users to escalate to operator.admin by persisting unauthorized scopes in trusted-proxy auth paths, directly enabling exploitation for privilege escalation.
NVD Description
OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in trusted-proxy authentication mode that allows operator.admin privilege escalation. Attackers can exploit this by declaring operator scopes on non-Control-UI clients, allowing self-declared scopes to persist on identity-bearing authentication paths and escalate privileges.
Deeper analysisAI
CVE-2026-41404 is an incomplete scope-clearing vulnerability in the trusted-proxy authentication mode of OpenClaw versions prior to 2026.3.31. This issue, mapped to CWE-863 (Incorrect Authorization), allows for operator.admin privilege escalation by enabling attackers to declare operator scopes on non-Control-UI clients, where those self-declared scopes persist on identity-bearing authentication paths. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its network accessibility, low attack complexity, and significant impacts on confidentiality, integrity, and availability.
Low-privileged users (PR:L) can exploit this vulnerability remotely without user interaction. By leveraging non-Control-UI clients to declare unauthorized operator scopes, attackers cause these scopes to bypass proper clearing mechanisms in trusted-proxy authentication, persisting them along authentication paths tied to identities and enabling escalation to operator.admin privileges.
Mitigation is addressed in OpenClaw 2026.3.31 and later versions via a patch in GitHub commit 8b88b927cb0747ad24d95b07d35682bf85dc5b0e. Additional details are provided in the GitHub Security Advisory (GHSA-g374-mggx-p6xc) and VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-operator-admin-privilege-escalation-via-trusted-proxy-authentication.
Details
- CWE(s)