""The practical impact is severe," researchers from AI app-builder Blink wrote. "An attacker who already holds operator.pairing scope-the lowest meaningful permission in an OpenClaw deployment-can silently approve device pairing requests that ask for operator.admin scope.""
""Once that approval goes through, the attacking device holds full administrative access to the OpenClaw instance. No secondary exploit is needed. No user interaction is required beyond the initial pairing step.""
""For organizations running OpenClaw as a company-wide AI agent platform, a compromised operator.admin device can read all connected data sources, exfiltrate sensitive information, and pose significant risks to data security.""
OpenClaw, a viral AI tool, requires extensive access to user resources to function effectively. Recently, developers addressed three high-severity vulnerabilities, including CVE-2026-33579, which allows attackers with minimal permissions to gain full administrative control. This vulnerability enables attackers to approve device pairing requests without user interaction, leading to severe consequences for organizations using OpenClaw. A compromised device can access and exfiltrate all connected data sources, highlighting the critical need for security measures in AI applications.
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]