CVE-2026-8244
MEDIUMIndustrial Application Software IAS Canias ERP Login RMI improper authentication
Title source: cnaDescription
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
References (4)
Core 4
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-362460 | Industrial Application Software IAS Canias ERP Login RMI improper authentication
https://vuldb.com/vuln/362460
Signature, Permissions Required signature
permissions-required
VDB-362460 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/362460/cti
Third Party Advisory third-party-advisory
Submit #808326 | Industrial Application Software - IAS Canias ERP 8.03-- Improper Authentication (CWE-287), (CWE-200)
https://vuldb.com/submit/808326
Exploit exploit
https://gist.github.com/0xb1lal/758bbc5e4d82efea248e675da934ac69
Scores
CVSS v3
5.3
EPSS
0.0005
EPSS Percentile
14.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-287
Status
published
Products (1)
Industrial Application Software IAS/Canias ERP
8.03
Published
May 10, 2026
Tracked Since
May 10, 2026