CVE-2026-22172
OpenClaw · OpenClaw
OpenClaw versions prior to 2026.3.12 suffer from an authorization bypass in the WebSocket path, allowing authenticated users to self-declare administrative privileges.
Executive summary
Authenticated attackers can escalate their privileges to full administrative access by exploiting a flaw in OpenClaw's WebSocket authorization logic.
Vulnerability
This vulnerability is an authorization bypass within the WebSocket connection path. Authenticated users (using shared tokens or passwords) can self-declare elevated scopes, such as operator.admin, without proper server-side verification, allowing them to perform admin-only operations.
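The pattern described above, as an added illustration that is not OpenClaw's code: a WebSocket connect handler that trusts scopes declared by the client, beside a hardened version that derives scopes only from the server-side binding of the credential and records any attempt to declare more. The token store, the connect-message shape and the scope names other than operator.admin are constructed for the example.

```javascript
// Constructed credential store: token -> scopes bound on the server side.
// (Hypothetical; OpenClaw's real storage and message format are not shown here.)
const TOKEN_SCOPES = new Map([
  ["tok-reader-1", ["operator.read"]],
  ["tok-admin-1", ["operator.read", "operator.admin"]],
]);

// Vulnerable pattern: the token is checked, but the session inherits whatever
// scopes the client put in its connect message, so a valid read-only token can
// self-declare operator.admin.
function authorizeVulnerable(connectMsg) {
  if (!TOKEN_SCOPES.has(connectMsg.token)) return { ok: false, reason: "bad token" };
  return { ok: true, scopes: connectMsg.scopes ?? [] };
}

// Hardened pattern: scopes come only from the server-side binding of the
// credential. Client-declared scopes are compared against that binding; any
// excess is rejected and written to an audit log for monitoring.
function authorizeHardened(connectMsg, auditLog = []) {
  const bound = TOKEN_SCOPES.get(connectMsg.token);
  if (!bound) return { ok: false, reason: "bad token" };
  const declared = connectMsg.scopes ?? [];
  const excess = declared.filter((s) => !bound.includes(s));
  if (excess.length > 0) {
    auditLog.push({ event: "scope_escalation_attempt", token: connectMsg.token, excess });
    return { ok: false, reason: "declared scopes exceed bound scopes" };
  }
  return { ok: true, scopes: [...bound] };
}

// Admin-only operations gate on the session's scopes, never on the request body.
function canRunAdminOp(session) {
  return session.ok && session.scopes.includes("operator.admin");
}

// Constructed connect message: a read-only token declaring the admin scope.
const escalationAttempt = { token: "tok-reader-1", scopes: ["operator.admin"] };
```

With the vulnerable handler the constructed message yields an admin-capable session; with the hardened handler it is refused and leaves an audit entry that the monitoring step under Remediation can alert on.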
Business impact
This privilege escalation vulnerability allows any user with basic access to take control of the entire OpenClaw gateway. This could result in unauthorized configuration changes, data manipulation, and total loss of administrative control. The CVSS score of 9.9 reflects the nearly total impact on confidentiality, integrity, and availability.
Remediation
Immediate Action: Update OpenClaw to version 2026.3.12 or later to ensure that user scopes are strictly bound and verified on the server side.
Proactive Monitoring: Review administrative logs for actions performed by non-admin accounts and monitor WebSocket connection requests for unauthorized scope declarations.
Compensating Controls: Implement strict network segmentation to limit access to the OpenClaw interface to only trusted administrative workstations until the patch is applied.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Organizations using OpenClaw must treat this as a critical priority. The ability of a standard user to elevate themselves to an administrator constitutes a complete breakdown of the security model. Applying the patch immediately is the only effective way to mitigate this risk.