China's CERT warns OpenClaw can inflict nasty wounds
Briefly

"The CERT warned that OpenClaw has "extremely weak default security configuration" and must therefore be handled with extreme care. The CERT is worried that attackers can target the tool by embedding malicious instructions in web pages, and that poisoned plugins for the agentic tool can put users at risk. China's cyber-advisors also point out that OpenClaw has already disclosed several severe vulnerabilities that can result in credential theft."
"The CERT also suggests that users disable automatic updates and restrict access to OpenClaw plugins. The organization recommends users isolate OpenClaw in a container, keep its management port isolated from the public internet, and implement strict authentication and access control procedures to keep attackers away from the agentic tool."
"The warning opens with the observation that China has seen a "surge in downloads and usage" for OpenClaw and its derivatives, thanks in part to "major domestic cloud platforms offering one-click deployment services." One example of such offerings comes from web giant Tencent, which launched an OpenClaw-based tool called "Work Buddy" on Monday."
China's National Computer Network Emergency Response Technical Team issued a security warning about OpenClaw, an agentic AI tool experiencing a surge in downloads across China. The CERT identified multiple critical risks, including extremely weak default security configurations, vulnerability to malicious instructions embedded in web pages, dangerous plugin vulnerabilities, and potential user-caused data deletion. The organization recommends isolating OpenClaw in containers, keeping its management port isolated from the public internet, implementing strict authentication and access controls, disabling automatic updates, and restricting plugin access. This warning aligns with Gartner's earlier assessment classifying OpenClaw as an unacceptable cybersecurity risk, though the CERT's recommendations are somewhat less restrictive than Gartner's suggestion to use only isolated nonproduction virtual machines.
Read at Theregister