Skip to main content

Canias ERP CVE-2026-8242

| EUVD-2026-28991 LOW
Observable Response Discrepancy (CWE-204)
2026-05-10 VulDB GHSA-g4cr-7m3r-2vrr
Information Disclosure
2.9
CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
CVSS changed
May 10, 2026 - 09:22 NVD
3.7 (LOW) 2.9 (LOW)
Analysis Generated
May 10, 2026 - 09:00 vuln.today
CVE Published
May 10, 2026 - 08:15 nvd
LOW 3.7

DescriptionNVD

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitability is regarded as difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Information disclosure in Industrial Application Software IAS Canias ERP 8.03 allows remote attackers to extract sensitive data through observable response discrepancies in the Login RMI Interface doAction function. The vulnerability requires high attack complexity but can be exploited without authentication or user interaction. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-8242 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy