Industrial Application Software Canias ERP Improper Authorization Vulnerability in RMI Interface

Vulnerability

A vulnerability allowing improper authorization has been identified in Industrial Application Software (IAS) Canias ERP version 8.03. The issue arises in the RMI Interface component, specifically within the iasGetServerInfoEvent function. This vulnerability can be exploited remotely.

Impact

Exploitation of this vulnerability allows for improper authorization, which could lead to unauthorized access or actions within the application.

Reproduction

The vulnerability can be reproduced by sending a request to the RMI registry on port 27499. After looking up the '11000000S2OUT' binding, the 'iasGetServerInfoEvent' can be dispatched. The response will contain server information, demonstrating the improper authorization.
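Because the reproduction needs nothing more than network reach to the registry on port 27499, a defender can look for that reach in flow logs. The following detection sketch is an added example, not part of the advisory or of Canias ERP. It assumes the interface speaks the standard Java RMI wire protocol (handshake beginning with the bytes "JRMI"); the allowlisted subnet, the flow-record layout and the sample records are constructed for illustration.

```python
import ipaddress

RMI_PORT = 27499                        # registry port named in the advisory
JRMP_MAGIC = bytes.fromhex("4a524d49")  # "JRMI": start of a Java RMI handshake (assumed protocol)
# Assumption: the only network where ERP clients legitimately live.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# Constructed flow records: (timestamp, source IP, destination port, first payload bytes as hex)
SAMPLE_FLOWS = [
    ("2026-05-10T09:01:02Z", "10.20.4.17", 27499, "4a524d4900024b"),
    ("2026-05-10T09:03:40Z", "198.51.100.23", 27499, "4a524d4900024b"),
    ("2026-05-10T09:04:11Z", "198.51.100.23", 443, "160301"),
    ("2026-05-10T09:05:55Z", "203.0.113.8", 27499, ""),
    ("2026-05-10T09:06:00Z", "not-an-ip", 27499, "4a524d49"),
]

def is_allowed(src):
    """True only for a parseable address inside an allowlisted network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source is treated as untrusted
    return any(addr in net for net in ALLOWED_NETS)

def classify(flow):
    """Return an alert kind for untrusted contact with the RMI port, else None."""
    _ts, src, dport, payload_hex = flow
    if dport != RMI_PORT or is_allowed(src):
        return None
    try:
        payload = bytes.fromhex(payload_hex)
    except ValueError:
        payload = b""
    if payload.startswith(JRMP_MAGIC):
        return "rmi-handshake"  # the peer actually spoke RMI to the registry
    return "port-contact"       # connection or probe without an RMI handshake

def find_alerts(flows):
    alerts = []
    for flow in flows:
        kind = classify(flow)
        if kind:
            alerts.append({"time": flow[0], "src": flow[1], "kind": kind})
    return alerts
```

Any "rmi-handshake" alert from outside the allowlist indicates the registry is reachable from a network that should be filtered.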

Added: May 10, 2026, 9:17 AM
Updated: May 10, 2026, 9:17 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 8.7
remediation: 0.0
relevance: 7.5
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.