CVE-2026-33579 Overview
CVE-2026-33579 is a privilege escalation vulnerability in OpenClaw before version 2026.3.28 that affects the device pairing approval workflow. The vulnerability exists in the /pair approve command path, which fails to properly forward caller scopes into the core approval check. This allows a caller with pairing privileges but without admin privileges to approve pending device requests asking for broader scopes, including admin access.
The vulnerability stems from improper authorization validation (CWE-863) in the extensions/device-pair/index.ts and src/infra/device-pairing.ts files, where scope validation is missing during the approval process.
Critical Impact
Attackers with limited pairing privileges can escalate to admin access by approving device requests that request broader scopes than the approver is authorized to grant.
Affected Products
- OpenClaw versions prior to 2026.3.28
- OpenClaw Node.js implementations
Discovery Timeline
- 2026-03-31 - CVE-2026-33579 published to NVD
- 2026-04-01 - Last updated in NVD database
Technical Details for CVE-2026-33579
Vulnerability Analysis
This privilege escalation vulnerability occurs because the /pair approve command path does not properly validate that the approving user has sufficient scope privileges to grant the requested permissions. When a device pairing request is submitted asking for elevated scopes (such as admin access), the system fails to verify that the caller's scopes are equal to or greater than the requested scopes.
The vulnerable code path in extensions/device-pair/index.ts and src/infra/device-pairing.ts processes approval requests without forwarding the caller's scope context into the core approval logic. This creates a gap where authorization decisions are made without proper scope comparison.
Root Cause
The root cause is an improper authorization check (CWE-863) where the application fails to validate that the approving user's permission scopes encompass the scopes being requested by the pending device. The caller's scope context is not forwarded into the approval check function, allowing users with minimal pairing privileges to approve requests for administrative access.
Attack Vector
The attack can be executed over the network by any authenticated user with basic pairing privileges. The attacker would:
- Identify a pending device pairing request that asks for elevated scopes (e.g., admin access)
- Issue an approval command through the /pair approve endpoint
- The system processes the approval without validating that the attacker has admin privileges
- The requesting device gains admin access despite being approved by a non-admin user
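Added example, not OpenClaw's code, modelling the gap described in the analysis, root cause and attack vector above: the vulnerable command path checks only that the caller may pair and then drops the caller's scopes before the core check, while the fixed path forwards them so a pairing-only approver cannot grant admin. The Scope, Caller and PendingRequest types and every function name are hypothetical.

```typescript
// Added illustration of the CVE-2026-33579 bug class; not OpenClaw's code.
// Type and function names here are hypothetical.

export type Scope = "pairing" | "operator" | "admin";

export interface PendingRequest { deviceId: string; requestedScopes: Scope[]; }
export interface Caller { userId: string; scopes: Scope[]; }

/** True when every requested scope is also held by the approver. */
export function coversScopes(approver: Scope[], requested: Scope[]): boolean {
  const held = new Set(approver);
  return requested.every((s) => held.has(s));
}

/** Core approval before the fix: no approver context, so nothing to compare. */
function coreApproveLegacy(req: PendingRequest): Scope[] {
  return req.requestedScopes;
}

/** Core approval after the fix: approver scopes are required and checked. */
function coreApprove(req: PendingRequest, approverScopes: Scope[]): Scope[] | null {
  if (!coversScopes(approverScopes, req.requestedScopes)) return null;
  return req.requestedScopes;
}

/** Vulnerable command path: verifies the caller may pair, then calls the core
 *  approval without the caller's scopes, so admin can be granted (CWE-863). */
export function approveVulnerable(caller: Caller, req: PendingRequest): Scope[] | null {
  if (!caller.scopes.includes("pairing")) return null;
  return coreApproveLegacy(req);
}

/** Fixed command path: forwards caller scopes so the core check can compare. */
export function approveFixed(caller: Caller, req: PendingRequest): Scope[] | null {
  if (!caller.scopes.includes("pairing")) return null;
  return coreApprove(req, caller.scopes);
}

// Constructed sample: a pairing-only user approving a request for admin scope.
export const pairingOnlyUser: Caller = { userId: "u-pair", scopes: ["pairing"] };
export const adminRequest: PendingRequest = { deviceId: "dev-1", requestedScopes: ["admin"] };
```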
The security patch also introduces rate limiting for webhook authentication failures alongside the scope validation fix; the excerpt below shows only the rate-limiter imports:
} from "openclaw/plugin-sdk/extension-shared";
import { z } from "zod";
import {
+ WEBHOOK_RATE_LIMIT_DEFAULTS,
+ createAuthRateLimiter,
type RuntimeEnv,
isRequestBodyLimitError,
readRequestBodyWithLimit,
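Review bot: the only additions in this hunk are the WEBHOOK_RATE_LIMIT_DEFAULTS and createAuthRateLimiter imports, which concern webhook authentication rate limiting rather than the /pair approve scope forwarding that CVE-2026-33579 describes; the scope fix in extensions/device-pair/index.ts and src/infra/device-pairing.ts is not visible here, so confirm it is part of the same commit (e403decb6e20091b5402780a7ccd2085f98aa3cd) and that both new imports are actually used in this file.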
Source: GitHub Commit Notes
The patch also exports the new rate limiter functionality for use in extensions:
// Keep this list additive and scoped to symbols used under extensions/nextcloud-talk.
export { logInboundDrop } from "../channels/logging.js";
+export { createAuthRateLimiter } from "../gateway/auth-rate-limit.js";
export { resolveMentionGatingWithBypass } from "../channels/mention-gating.js";
export type { AllowlistMatch } from "../channels/plugins/allowlist-match.js";
export {
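Review bot: the comment above this export list says to keep it additive and scoped to symbols used under extensions/nextcloud-talk, so the new createAuthRateLimiter re-export from ../gateway/auth-rate-limit.js should have a consumer in that extension; otherwise it widens the extension-facing surface for nothing. A one-line note naming the intended caller would help the next reader.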
Source: GitHub Commit Notes
Detection Methods for CVE-2026-33579
Indicators of Compromise
- Unusual device pairing approvals performed by users without admin privileges
- Audit log entries showing scope escalation during device approval workflows
- Devices with admin access that were approved by non-admin users
- Unexpected changes to permission scopes in device pairing records
Detection Strategies
- Monitor the /pair approve endpoint for requests from users with limited scopes approving requests for elevated permissions
- Implement logging to capture scope mismatches between approvers and approved device requests
- Review audit trails for device pairing operations where the approver's privileges are lower than the granted permissions
- Alert on any device approval that grants admin scope when the approver lacks admin privileges
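Added detection example, not from OpenClaw: it implements the approver-versus-granted scope comparison the strategies above call for, run over constructed JSON-lines audit records whose field names (event, approverScopes, grantedScopes) are assumed rather than taken from the product.

```typescript
// Added example, not OpenClaw's code: a detection pass over constructed
// audit-log lines (one JSON object per line; the field names are assumed).

export interface ApprovalEvent {
  ts: string;
  event: string;
  approver: string;
  approverScopes: string[];
  deviceId: string;
  grantedScopes: string[];
}

export interface Finding { ts: string; approver: string; deviceId: string; excess: string[]; }

/** Returns the granted scopes the approver did not hold at approval time. */
export function excessScopes(approverScopes: string[], granted: string[]): string[] {
  const held = new Set(approverScopes);
  return granted.filter((s) => !held.has(s));
}

/** Scans JSON-lines audit records and flags approvals whose granted scopes
 *  exceed the approver's own (the CVE-2026-33579 escalation pattern).
 *  Malformed lines and non-approval events are skipped, not counted. */
export function findEscalatedApprovals(lines: string[]): Finding[] {
  const findings: Finding[] = [];
  for (const line of lines) {
    let rec: Partial<ApprovalEvent>;
    try { rec = JSON.parse(line); } catch { continue; }
    if (rec.event !== "device.pair.approve") continue;
    if (!Array.isArray(rec.approverScopes) || !Array.isArray(rec.grantedScopes)) continue;
    const excess = excessScopes(rec.approverScopes, rec.grantedScopes);
    if (excess.length > 0) {
      findings.push({ ts: rec.ts ?? "", approver: rec.approver ?? "", deviceId: rec.deviceId ?? "", excess });
    }
  }
  return findings;
}

// Constructed sample log: a legitimate admin approval, one escalation by a
// pairing-only approver, one non-approval event and one malformed line.
export const sampleAuditLines: string[] = [
  '{"ts":"2026-03-30T10:00:00Z","event":"device.pair.approve","approver":"alice","approverScopes":["pairing","admin"],"deviceId":"dev-7","grantedScopes":["admin"]}',
  '{"ts":"2026-03-30T10:05:00Z","event":"device.pair.approve","approver":"bob","approverScopes":["pairing"],"deviceId":"dev-9","grantedScopes":["operator","admin"]}',
  '{"ts":"2026-03-30T10:06:00Z","event":"device.pair.request","approver":"","approverScopes":[],"deviceId":"dev-10","grantedScopes":[]}',
  'not json at all',
];
```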
Monitoring Recommendations
- Enable verbose logging on the device pairing subsystem to capture all approval operations
- Set up alerts for privilege escalation patterns in device management workflows
- Regularly audit the relationship between approver permissions and granted device scopes
- Monitor for repeated or automated approval attempts that may indicate exploitation
How to Mitigate CVE-2026-33579
Immediate Actions Required
- Upgrade OpenClaw to version 2026.3.28 or later immediately
- Audit all device pairing approvals made prior to patching to identify potential exploitation
- Review and revoke any device permissions that may have been improperly escalated
- Temporarily restrict pairing approval privileges to admin users only until the patch is applied
Patch Information
The vulnerability is addressed in OpenClaw version 2026.3.28. The fix ensures that caller scopes are properly forwarded into the core approval check, preventing users from approving device requests that exceed their own permission levels. The patch is available via commit e403decb6e20091b5402780a7ccd2085f98aa3cd.
For additional details, refer to the GitHub Security Advisory and the VulnCheck Advisory.
Workarounds
- Restrict /pair approve command access to admin users only until the patch can be applied
- Implement additional authorization checks at the network or application gateway level
- Disable the device pairing feature entirely if not business-critical
- Add manual review processes for all device pairing approvals
# Restrict device pairing approval to admins only (temporary workaround)
# In the OpenClaw configuration file. The key names below are illustrative;
# confirm the actual setting names against the OpenClaw documentation before use.
device_pairing:
  approval_required_scope: "admin"
  restrict_approval_to_admins: true
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.