Vulnerabilities

CVE-2026-32057

Medium
CWE-807 — Weakness Type
Published: Mar 21, 2026  ·  Modified: Mar 23, 2026  ·  Source: NVD
CVSS v3
5.9
🔗 NVD Official
📄 Description (English)

OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui client identifier to skip pairing requirements and gain unauthorized access to node event execution flows.

🤖 AI Executive Summary

OpenClaw versions before 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that allows authenticated websocket clients with node role to impersonate the control-ui client and bypass device identity verification. An attacker can exploit this to gain unauthorized access to node event execution flows without completing proper pairing requirements. While no public exploit exists and patches are unavailable, the vulnerability poses a moderate risk to organizations using OpenClaw for infrastructure automation and control.

🤖 AI Intelligence Analysis Analyzed: May 24, 2026 16:20
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi organizations using OpenClaw for critical infrastructure automation, including: (1) Energy sector (ARAMCO, downstream operators) relying on OpenClaw for SCADA/ICS control systems; (2) Telecommunications (STC, Mobily) using OpenClaw for network automation and orchestration; (3) Government entities and critical infrastructure operators using OpenClaw for distributed control systems; (4) Financial institutions using OpenClaw for transaction processing automation. The authentication bypass could allow lateral movement within trusted networks and unauthorized execution of critical operational commands, potentially disrupting service availability.
🏢 Affected Saudi Sectors
Energy (ARAMCO, downstream operators)
Telecommunications (STC, Mobily, Zain)
Government and Critical Infrastructure
Financial Services and Banking
Healthcare (hospital automation systems)
Manufacturing and Industrial Control
⚖️ Saudi Risk Score (AI)
6.8 / 10.0
🔧 Remediation Steps (English)
Immediate Actions:
1. Identify all OpenClaw deployments in your environment and document their versions
2. Restrict network access to OpenClaw Control UI and websocket endpoints to trusted administrative networks only
3. Implement network segmentation to isolate OpenClaw infrastructure from general user networks
4. Enable comprehensive logging and monitoring of all websocket connections and authentication attempts

Compensating Controls (until patch available):
5. Implement strict firewall rules allowing only known control-ui client IP addresses to connect
6. Deploy Web Application Firewall (WAF) rules to detect and block suspicious client.id parameters
7. Enforce mutual TLS (mTLS) authentication for all websocket connections
8. Implement rate limiting on authentication attempts
9. Monitor for suspicious patterns: multiple failed pairing attempts, unusual client.id values, or connections from unexpected sources

Detection Rules:
10. Alert on websocket connections with client.id=control-ui from non-administrative sources
11. Monitor for authentication bypass attempts in OpenClaw logs
12. Track all node event execution requests and correlate with authenticated sessions
13. Implement SIEM rules to detect lateral movement patterns within OpenClaw infrastructure

Long-term:
14. Plan immediate upgrade to OpenClaw 2026.2.25 or later when available
15. Conduct security assessment of OpenClaw deployment architecture
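Detection rules 10 and 12 above as a runnable check over connection events. This is an added example, not OpenClaw's own code or log format: it assumes a hypothetical key=value connection log with src, role and client.id fields, and the administrative network ranges are assumed values.

```python
import ipaddress

# Added example, not OpenClaw's code: log format, field names and admin ranges are assumptions.
ADMIN_NETWORKS = [ipaddress.ip_network(n) for n in ("10.10.0.0/24", "192.168.100.0/24")]
# Constructed sample events in the assumed key=value format.
SAMPLE_LOG = """\
ts=2026-03-22T10:00:01Z src=10.10.0.5 role=operator client.id=control-ui event=connect
ts=2026-03-22T10:00:07Z src=10.0.5.23 role=node client.id=control-ui event=connect
ts=2026-03-22T10:00:09Z src=10.0.5.24 role=node client.id=node-7 event=connect
ts=2026-03-22T10:01:15Z src=203.0.113.9 role=operator client.id=control-ui event=connect
"""

def parse_line(line):
    """Turn 'k=v k=v ...' into a dict; None if the line is not a usable event."""
    fields = {}
    for token in line.split():
        if "=" not in token:
            return None
        key, value = token.split("=", 1)
        fields[key] = value
    return fields if "src" in fields and "client.id" in fields else None

def is_admin_source(src):
    """True when src is an address inside one of the administrative networks."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(addr in net for net in ADMIN_NETWORKS)

def classify(fields):
    """Names of the detection rules that fire for one connection event."""
    hits = []
    if fields["client.id"] == "control-ui":
        # Rule 10: the control-ui identity presented from a non-administrative source.
        if not is_admin_source(fields["src"]):
            hits.append("control-ui-from-non-admin-source")
        # The bypass pattern itself: a node-role session claiming the control-ui identity.
        if fields.get("role") == "node":
            hits.append("node-role-claims-control-ui")
    return hits

def scan(log_text):
    """Return (src, client.id, rules) for each event that triggers at least one rule."""
    alerts = []
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields and (rules := classify(fields)):
            alerts.append((fields["src"], fields["client.id"], rules))
    return alerts
```

Feed the function your own connection events in the same shape; lines that do not parse are skipped rather than alerted on.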
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.9.2.1 - User registration and access rights management
ECC 2024 A.9.4.3 - Password management systems
ECC 2024 A.9.2.5 - Access rights review
ECC 2024 A.14.2.1 - Secure development policy
🔵 SAMA CSF
ID.AM-1 - Asset Management (inventory of OpenClaw systems)
PR.AC-1 - Access Control Policy (authentication and authorization)
PR.AC-3 - Access Enforcement (device identity verification)
DE.CM-1 - Detection and Analysis (monitoring authentication events)
🟡 ISO 27001:2022
A.5.15 - Access control
A.8.2 - User access management
A.8.3 - User responsibilities
A.9.2.1 - User registration and access rights
A.9.4.3 - Password management
🟣 PCI DSS v4.0.1
Requirement 2.1 - Default security parameters
Requirement 7 - Restrict access to data by business need
Requirement 8 - Identify and authenticate access
📊 CVSS Score
5.9 / 10.0 (Medium)
📊 CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N
Attack Vector (AV): N = Network
Attack Complexity (AC): H = High
Privileges Required (PR): L = Low
User Interaction (UI): N = None
Scope (S): U = Unchanged
Confidentiality (C): L = Low
Integrity (I): H = High
Availability (A): N = None
📋 Quick Facts
Severity: Medium
CVSS Score: 5.9
CWE: CWE-807
Exploit: No
Patch: No
Published: 2026-03-21
Source Feed: nvd
🇸🇦 Saudi Risk Score
6.8 / 10.0 (Saudi Risk)
Priority: HIGH
🏷️ Tags
CWE-807