Skip to main content

Canias ERP CVE-2026-8242

| EUVDEUVD-2026-28991 LOW
Observable Response Discrepancy (CWE-204)
2026-05-10 VulDB GHSA-g4cr-7m3r-2vrr
2.9
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.9 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
CVSS changed
May 10, 2026 - 09:22 NVD
3.7 (LOW) 2.9 (LOW)
Analysis Generated
May 10, 2026 - 09:00 vuln.today
CVE Published
May 10, 2026 - 08:15 nvd
LOW 3.7

DescriptionCVE.org

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitability is regarded as difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Information disclosure in Industrial Application Software IAS Canias ERP 8.03 allows remote attackers to extract sensitive data through observable response discrepancies in the Login RMI Interface doAction function. The vulnerability requires high attack complexity but can be exploited without authentication or user interaction. Publicly available exploit code exists, though the vendor has not responded to early disclosure notifications.

Technical ContextAI

Canias ERP implements a Login RMI (Remote Method Invocation) Interface that exposes a doAction function accessible over the network. The vulnerability stems from CWE-204 (Observable Response Discrepancy), where the application leaks information through timing differences, error messages, or response variations when processing authentication requests. RMI is a Java protocol for invoking methods on remote objects; the Login component likely handles credential validation and session establishment. An attacker can distinguish valid from invalid inputs or extract partial information by analyzing subtle differences in server responses, enabling reconnaissance or credential enumeration without full authentication.

RemediationAI

Upgrade Canias ERP to a patched version released by Industrial Application Software IAS if available; however, the vendor has not responded to early disclosure, so patch availability is uncertain. As immediate compensating controls, restrict network access to the Login RMI Interface port (typically 1099 for RMI registry or the configured RMI port) using host-based or network firewalls, limiting exposure to trusted internal networks only. Implement intrusion detection signatures to identify repeated failed authentication attempts or characteristic response-analysis probes targeting the doAction function. Monitor RMI traffic for anomalous patterns or timing-based reconnaissance. If RMI services are not required externally, disable remote RMI exposure entirely and require local or VPN access. Document which systems depend on remote RMI access to Canias ERP to prioritize mitigation efforts. Contact Industrial Application Software IAS directly to inquire about patch availability or extended support options, as the public record shows vendor non-responsiveness to the original disclosure.

Share

CVE-2026-8242 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy