📄 Description (English)
OpenClaw is a personal AI assistant. In versions 2026.2.13 and below, when using macOS, the Claude CLI keychain credential refresh path constructed a shell command to write the updated JSON blob into Keychain via security add-generic-password -w .... Because OAuth tokens are user-controlled data, this created an OS command injection risk. This issue has been fixed in version 2026.2.14.
🤖 AI Executive Summary
OpenClaw AI assistant versions 2026.2.13 and below contain an OS command injection vulnerability in macOS keychain credential handling. User-controlled OAuth tokens are improperly sanitized when constructing shell commands for credential storage, allowing potential arbitrary command execution with user privileges. This vulnerability affects developers and organizations using OpenClaw for AI-assisted development workflows. Patch to version 2026.2.14 is available and should be applied immediately.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: Apr 29, 2026 22:53
🇸🇦 Saudi Arabia Impact Assessment
Saudi organizations at risk include: (1) Technology and software development companies using OpenClaw for AI-assisted development; (2) Financial institutions (SAMA-regulated banks) employing OpenClaw in development environments for fintech solutions; (3) Government agencies (NCA oversight) using AI assistants in secure development pipelines; (4) Telecommunications providers (STC, Mobily) integrating AI tools in infrastructure development. The vulnerability primarily affects macOS-based development environments. Risk is elevated in organizations with strict credential management requirements and those handling sensitive financial or government data in development workflows.
🏢 Affected Saudi Sectors
Software Development and Technology
Banking and Financial Services
Government and Public Administration
Telecommunications
Fintech and Digital Innovation
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
6.8
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all macOS systems running OpenClaw versions 2026.2.13 or below using inventory management tools
2. Isolate affected development machines from production networks if handling sensitive credentials
3. Audit keychain entries for suspicious modifications or unauthorized access attempts
4. Review OAuth token usage logs for anomalous command patterns
PATCHING:
1. Update OpenClaw to version 2026.2.14 or later immediately
2. Verify patch installation: openclaw --version
3. Regenerate all OAuth tokens and credentials used with vulnerable versions
4. Clear cached credentials from macOS Keychain: security delete-generic-password -a openclaw
COMPENSATING CONTROLS (if immediate patching delayed):
1. Restrict OpenClaw usage to non-production development environments
2. Implement application-level input validation for OAuth token handling
3. Use environment variables instead of keychain storage where possible
4. Monitor system logs for suspicious security add-generic-password commands
DETECTION:
1. Monitor for: security add-generic-password commands with unusual parameters or special characters
2. Alert on: Keychain modifications outside normal OpenClaw operations
3. Log all OAuth token refresh events and correlate with shell command execution
4. Implement EDR rules: Process execution from security command with injected payloads
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. تحديد جميع أنظمة macOS التي تقوم بتشغيل إصدارات OpenClaw 2026.2.13 أو أقدم باستخدام أدوات إدارة المخزون
2. عزل أجهزة التطوير المتأثرة عن شبكات الإنتاج إذا كانت تتعامل مع بيانات اعتماد حساسة
3. تدقيق إدخالات سلسلة المفاتيح للتعديلات المريبة أو محاولات الوصول غير المصرح بها
4. مراجعة سجلات استخدام رموز OAuth للأنماط الشاذة
التصحيح:
1. تحديث OpenClaw إلى الإصدار 2026.2.14 أو أحدث فوراً
2. التحقق من تثبيت التصحيح: openclaw --version
3. إعادة إنشاء جميع رموز OAuth وبيانات الاعتماد المستخدمة مع الإصدارات الضعيفة
4. مسح بيانات الاعتماد المخزنة مؤقتاً من سلسلة مفاتيح macOS: security delete-generic-password -a openclaw
الضوابط البديلة:
1. تقييد استخدام OpenClaw على بيئات التطوير غير الإنتاجية
2. تنفيذ التحقق من صحة المدخلات على مستوى التطبيق لمعالجة رموز OAuth
3. استخدام متغيرات البيئة بدلاً من تخزين سلسلة المفاتيح حيث أمكن
4. مراقبة سجلات النظام للأوامر المريبة security add-generic-password
الكشف:
1. مراقبة: أوامر security add-generic-password بمعاملات غير عادية أو أحرف خاصة
2. التنبيه على: تعديلات سلسلة المفاتيح خارج عمليات OpenClaw العادية
3. تسجيل جميع أحداث تحديث رموز OAuth والربط مع تنفيذ أوامر shell
4. تنفيذ قواعد EDR: تنفيذ العملية من أمر الأمان برموز مدرجة
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.14.2.1 - Secure development policy and procedures
ECC 2024 A.14.2.5 - Secure development environment controls
ECC 2024 A.12.2.1 - Change management procedures
ECC 2024 A.12.6.1 - Management of technical vulnerabilities
🔵 SAMA CSF
SAMA CSF ID.BE-1 - Business objectives and strategies
SAMA CSF PR.DS-1 - Data security and protection
SAMA CSF PR.AC-1 - Access control and authentication
SAMA CSF DE.CM-1 - Detection and monitoring
🟡 ISO 27001:2022
ISO 27001:2022 A.8.1 - User endpoint devices
ISO 27001:2022 A.8.3 - Credential management
ISO 27001:2022 A.14.2 - Secure development
ISO 27001:2022 A.12.6 - Management of technical vulnerabilities
🟣 PCI DSS v4.0.1
PCI DSS 6.2 - Security patches and updates
PCI DSS 8.2 - User identification and authentication
PCI DSS 12.2 - Configuration standards for system components
🔗 References & Sources 6
🔗
https://github.com/openclaw/openclaw/commit/66d7178f2d6f9d60abad35797f97f3e61389b70c
security-advisories@github.com
Patch
🔗
https://github.com/openclaw/openclaw/commit/9dce3d8bf83f13c067bc3c32291643d2f1f10a06
security-advisories@github.com
Patch
🔗
https://github.com/openclaw/openclaw/commit/b908388245764fb3586859f44d1dff5372b19caf
security-advisories@github.com
Patch
🔗
https://github.com/openclaw/openclaw/pull/15924
security-advisories@github.com
Issue Tracking
🔗
https://github.com/openclaw/openclaw/releases/tag/v2026.2.14
security-advisories@github.com
Release Notes
🔗
https://github.com/openclaw/openclaw/security/advisories/GHSA-4564-pvr2-qq4h
security-advisories@github.com
Patch
Vendor Advisory
📦 Affected Products / CPE 1 entries
openclaw:openclaw