
CVE-2026-32921

Medium
CWE-367 — Weakness Type
Published: Mar 31, 2026  ·  Modified: Apr 2, 2026  ·  Source: NVD
CVSS v3
6.3
📄 Description (English)

OpenClaw before 2026.3.8 contains an approval bypass vulnerability in system.run where mutable script operands are not bound across approval and execution phases. Attackers can obtain approval for script execution, modify the approved script file before execution, and execute different content while maintaining the same approved command shape.

🤖 AI Executive Summary

CVE-2026-32921 is a time-of-check-time-of-use (TOCTOU) vulnerability in OpenClaw's approval mechanism that allows attackers to bypass script execution controls by modifying approved scripts between approval and execution phases. While currently unpatched with no public exploits, this vulnerability poses a significant risk to organizations using OpenClaw for automated system administration, particularly in regulated sectors. The medium CVSS score (6.3) understates the actual risk due to the nature of approval bypass vulnerabilities in privileged execution contexts.

🤖 AI Intelligence Analysis (Analyzed: May 17, 2026 04:33)
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi organizations in government (NCA, NCSC), banking (SAMA-regulated institutions), energy sector (ARAMCO, SEC), and healthcare (MOH) that utilize OpenClaw for infrastructure automation and privileged script execution. The approval bypass mechanism is particularly dangerous in these sectors where script execution controls are critical compliance requirements. Government agencies and critical infrastructure operators face the highest risk, as attackers could execute unauthorized system commands while maintaining audit trail legitimacy. Financial institutions face secondary risk through compromised automation workflows affecting transaction processing and system integrity.
🏢 Affected Saudi Sectors
- Government (NCA, NCSC, CISA equivalent)
- Banking and Financial Services (SAMA-regulated)
- Energy and Utilities (ARAMCO, SEC)
- Healthcare (MOH, private hospitals)
- Telecommunications (STC, Mobily, Zain)
- Critical Infrastructure
- Defense and Military
⚖️ Saudi Risk Score (AI)
7.8
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Inventory all OpenClaw deployments across your organization and document version numbers
2. Implement file integrity monitoring (FIM) on all approved script directories with real-time alerting
3. Restrict file modification permissions on approved scripts to read-only for execution accounts
4. Enable comprehensive audit logging for all script approval and execution events
5. Implement mandatory code review for all script modifications post-approval

COMPENSATING CONTROLS (until patch available):
6. Deploy cryptographic signing/hashing of approved scripts with verification before execution
7. Implement immutable script storage using write-once storage or version control with signed commits
8. Require separate approval for any script modifications after initial approval
9. Use containerized/sandboxed execution environments for OpenClaw scripts with minimal privileges
10. Implement network segmentation to limit script execution scope

DETECTION RULES:
11. Alert on file modifications to approved script directories between approval timestamp and execution
12. Monitor for hash/checksum mismatches between approved and executed script versions
13. Track approval IDs and correlate with execution logs to detect approval-execution mismatches
14. Flag rapid successive approvals followed by immediate modifications

PATCHING:
15. Monitor OpenClaw security advisories for version 2026.3.8+ release
16. Establish testing environment to validate patch before production deployment
17. Plan upgrade to patched version with change management approval
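Steps 6 and 12 above (bind the approved script to a digest, verify it before execution, and treat a digest mismatch as a detection signal) are the direct counter to the CWE-367 pattern this CVE describes. The following is an added Python illustration, not OpenClaw's code (the page does not describe system.run internals); the names `Approval`, `approve`, `execute_by_shape_only`, `execute_approved` and the sample script are constructed for this example. It contrasts a gate that checks only the command shape with one that hashes the script through the same open descriptor it will execute from, and shows that the hardened gate refuses a script modified after approval.

```python
"""Binding an execution approval to script content, not just the command shape.

Added illustration of the CWE-367 (TOCTOU) pattern behind this CVE. It is not
OpenClaw code; all names here are hypothetical.
"""
import hashlib
import os
import stat
import tempfile
from dataclasses import dataclass
from typing import Callable, Sequence, Tuple


@dataclass(frozen=True)
class Approval:
    approval_id: str
    command_shape: tuple   # e.g. ("sh", "/opt/scripts/deploy.sh")
    script_sha256: str     # digest of the bytes that were actually reviewed


def _read_all(fd: int) -> bytes:
    """Read a whole file through an already-open descriptor, never by re-opening the path."""
    chunks = []
    while True:
        chunk = os.read(fd, 65536)
        if not chunk:
            break
        chunks.append(chunk)
    return b"".join(chunks)


def approve(approval_id: str, command: Sequence[str], script_path: str) -> Approval:
    """Approval phase: record the command shape AND a digest of the script content."""
    with open(script_path, "rb") as f:
        content = f.read()
    return Approval(approval_id, tuple(command), hashlib.sha256(content).hexdigest())


def execute_by_shape_only(approval: Approval, command: Sequence[str],
                          runner: Callable[[bytes], None]) -> Tuple[str, str]:
    """Vulnerable pattern: only the command shape is compared with the approval and the
    script is re-read from its path at execution time, so whatever is on disk now runs."""
    if tuple(command) != approval.command_shape:
        return ("rejected", "command shape differs from approval")
    with open(command[-1], "rb") as f:
        content = f.read()
    runner(content)
    return ("executed", hashlib.sha256(content).hexdigest())


def execute_approved(approval: Approval, command: Sequence[str],
                     runner: Callable[[bytes], None]) -> Tuple[str, str]:
    """Hardened pattern: open once, fstat and hash through that descriptor, compare the
    digest with the one recorded at approval, and hand the same bytes to the runner."""
    if tuple(command) != approval.command_shape:
        return ("rejected", "command shape differs from approval")
    flags = os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0)  # refuse symlink swaps where supported
    fd = os.open(command[-1], flags)
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            return ("rejected", "approved operand is not a regular file")
        content = _read_all(fd)
    finally:
        os.close(fd)
    actual = hashlib.sha256(content).hexdigest()
    if actual != approval.script_sha256:
        # Detection signal for step 12: approved digest differs from the executed digest.
        return ("rejected", f"hash mismatch approval={approval.approval_id} "
                            f"expected={approval.script_sha256[:12]} actual={actual[:12]}")
    runner(content)
    return ("executed", actual)


def demo() -> dict:
    """Constructed scenario: approve a script, tamper with it on disk, then try to run it
    through both gates. Returns the outcomes so they can be checked."""
    results = {}
    ran = []  # records the bytes each gate actually handed to the runner
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "deploy.sh")
        with open(path, "w") as f:
            f.write("#!/bin/sh\necho 'approved content'\n")
        cmd = ["sh", path]
        approval = approve("apr-0001", cmd, path)

        results["bound_clean"] = execute_approved(approval, cmd, ran.append)[0]

        # Post-approval modification: same path, same command shape, different content.
        with open(path, "w") as f:
            f.write("#!/bin/sh\necho 'tampered content'\n")
        results["shape_only_tampered"] = execute_by_shape_only(approval, cmd, ran.append)[0]
        results["bound_tampered"] = execute_approved(approval, cmd, ran.append)[0]
        results["tampered_bytes_ran"] = any(b"tampered" in b for b in ran)
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The design point is that the approval record and the execution path share one immutable fact (the digest) rather than a mutable one (the path), and that the executed bytes come from the descriptor that was hashed, so there is no second open between check and use.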
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
- ECC 2024 A.5.1.1 - Access Control Policies (approval bypass violates access control)
- ECC 2024 A.8.1.1 - Asset Management (script integrity and control)
- ECC 2024 A.12.4.1 - Event Logging (audit trail integrity)
- ECC 2024 A.14.2.1 - Change Management (unauthorized script modifications)
🔵 SAMA CSF
- SAMA CSF ID.AM-2 - Asset Management (inventory and control of automation tools)
- SAMA CSF PR.AC-1 - Access Control (approval mechanisms and privilege management)
- SAMA CSF DE.CM-1 - Detection and Analysis (monitoring script execution)
- SAMA CSF RS.MI-2 - Incident Response (containment of unauthorized executions)
🟡 ISO 27001:2022
- ISO 27001:2022 A.5.1 - Policies for information security (approval policies)
- ISO 27001:2022 A.8.1 - Asset management (control of automation assets)
- ISO 27001:2022 A.8.3 - Media handling (script file integrity)
- ISO 27001:2022 A.12.4 - Logging (audit trail requirements)
- ISO 27001:2022 A.14.2 - Change management (change control procedures)
🟣 PCI DSS v4.0.1
- PCI DSS 3.2.1 - Change management procedures (if used in payment systems)
- PCI DSS 7.1 - Access control implementation (approval mechanisms)
- PCI DSS 10.2 - Logging and monitoring (audit trails for script execution)
📊 CVSS Score
6.3
/ 10.0 — Medium
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector (AV): N — Network
Attack Complexity (AC): L — Low
Privileges Required (PR): L — Low
User Interaction (UI): N — None
Scope (S): U — Unchanged
Confidentiality (C): L — Low
Integrity (I): L — Low
Availability (A): L — Low
📋 Quick Facts
Severity: Medium
CVSS Score: 6.3
CWE: CWE-367
EPSS: 0.05%
Exploit: No
Patch: ✗ No
Published: 2026-03-31
Source Feed: nvd
Saudi Risk Priority: HIGH