{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/configuration-management/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-45006"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["OpenClaw"],"_cs_severities":["high"],"_cs_tags":["access-control","configuration-management","persistence"],"_cs_type":"advisory","_cs_vendors":["OpenClaw"],"content_html":"\u003cp\u003eOpenClaw, a tool used for managing and automating complex systems, is vulnerable to an improper access control issue. Specifically, versions before 2026.4.23 of the OpenClaw gateway tool are susceptible to CVE-2026-45006. The vulnerability resides in the \u003ccode\u003econfig.apply\u003c/code\u003e and \u003ccode\u003econfig.patch\u003c/code\u003e operations, where an incomplete denylist protection can be bypassed. A compromised model, potentially due to a separate vulnerability or misconfiguration, can exploit this flaw to inject unsafe configuration changes. This bypass can allow attackers to persist malicious configuration modifications that impact critical system functions such as command execution, network behavior, credential management, and operator policies. Critically, these modifications survive restarts, indicating a persistent foothold within the affected environment. Defenders should prioritize patching OpenClaw installations to version 2026.4.23 or later to mitigate this risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eInitial compromise of an OpenClaw model via an existing vulnerability or compromised credentials.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the compromised model to interact with the OpenClaw gateway tool.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts malicious configuration changes designed to compromise system functionality.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the \u003ccode\u003econfig.apply\u003c/code\u003e or \u003ccode\u003econfig.patch\u003c/code\u003e operation to apply the crafted configuration changes.\u003c/li\u003e\n\u003cli\u003eThe incomplete denylist protection is bypassed, allowing the malicious changes to be written.\u003c/li\u003e\n\u003cli\u003eThe malicious configuration changes are persisted to the system.\u003c/li\u003e\n\u003cli\u003eThe attacker exploits the modified configuration to execute arbitrary commands or modify network behavior.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves persistence, maintaining access even after system restarts, by leveraging the maliciously configured settings.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-45006 allows attackers to persistently modify critical system configurations within OpenClaw environments. This can lead to unauthorized command execution, manipulation of network settings, credential theft or modification, and alteration of operator policies. The vulnerability could impact organizations relying on OpenClaw for managing and automating their infrastructure, potentially leading to significant operational disruptions and security breaches. The ability to persist malicious configurations even after restarts increases the severity and potential long-term impact of a successful attack.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade OpenClaw to version 2026.4.23 or later to patch CVE-2026-45006 (see references).\u003c/li\u003e\n\u003cli\u003eImplement strict access controls and monitoring on OpenClaw models to prevent unauthorized modification of configurations.\u003c/li\u003e\n\u003cli\u003eRegularly review OpenClaw configurations for any unexpected or malicious changes to command execution paths, network settings, or credential stores.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect OpenClaw Config Apply Patch\u003c/code\u003e to identify attempts to exploit this vulnerability by monitoring for calls to the config.apply or config.patch operations.\u003c/li\u003e\n\u003cli\u003eMonitor OpenClaw logs for any unauthorized configuration changes related to command execution, network behavior, or credential management.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-11T18:19:11Z","date_published":"2026-05-11T18:19:11Z","id":"https://feed.craftedsignal.io/briefs/2026-05-openclaw-access-control-bypass/","summary":"OpenClaw before 2026.4.23 contains an improper access control vulnerability (CVE-2026-45006) in the gateway tool's config.apply and config.patch operations, allowing compromised models to write unsafe configuration changes and persist malicious config modifications by bypassing an incomplete denylist.","title":"OpenClaw Improper Access Control Vulnerability (CVE-2026-45006)","url":"https://feed.craftedsignal.io/briefs/2026-05-openclaw-access-control-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Configuration-Management","version":"https://jsonfeed.org/version/1.1"}