Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitability is regarded as difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Information disclosure in Industrial Application Software IAS Canias ERP 8.03 allows remote attackers to extract sensitive data through observable response discrepancies in the Login RMI Interface doAction function. The vulnerability requires high attack complexity but can be exploited without authentication or user interaction. Publicly available exploit code exists, though the vendor has not responded to early disclosure notifications.
Technical ContextAI
Canias ERP implements a Login RMI (Remote Method Invocation) Interface that exposes a doAction function accessible over the network. The vulnerability stems from CWE-204 (Observable Response Discrepancy), where the application leaks information through timing differences, error messages, or response variations when processing authentication requests. RMI is a Java protocol for invoking methods on remote objects; the Login component likely handles credential validation and session establishment. An attacker can distinguish valid from invalid inputs or extract partial information by analyzing subtle differences in server responses, enabling reconnaissance or credential enumeration without full authentication.
RemediationAI
Upgrade Canias ERP to a patched version released by Industrial Application Software IAS if available; however, the vendor has not responded to early disclosure, so patch availability is uncertain. As immediate compensating controls, restrict network access to the Login RMI Interface port (typically 1099 for RMI registry or the configured RMI port) using host-based or network firewalls, limiting exposure to trusted internal networks only. Implement intrusion detection signatures to identify repeated failed authentication attempts or characteristic response-analysis probes targeting the doAction function. Monitor RMI traffic for anomalous patterns or timing-based reconnaissance. If RMI services are not required externally, disable remote RMI exposure entirely and require local or VPN access. Document which systems depend on remote RMI access to Canias ERP to prioritize mitigation efforts. Contact Industrial Application Software IAS directly to inquire about patch availability or extended support options, as the public record shows vendor non-responsiveness to the original disclosure.
More in Canias Erp
View allImproper authentication in Industrial Application Software IAS Canias ERP 8.03 allows unauthenticated remote attackers t
Improper authorization in Industrial Application Software IAS Canias ERP 8.03 allows unauthenticated remote attackers to
OS command injection via Runtime.getRuntime.exec in Canias ERP 8.03 RMI Interface allows authenticated remote attackers
Same weakness CWE-204 – Observable Response Discrepancy
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28991
GHSA-g4cr-7m3r-2vrr