Samsung Data Management Server Default Password (rkwjsdusrnth) for 'root' Account

Critical Nessus Plugin ID 53878


An administrative account on the remote host uses a known password.


The remote device is a Samsung Integrated Management System DMS (Data Management Server), an embedded hardware device used to manage a large number of air conditioning units. It also has a 'root' account with the password 'rkwjsdusrnth', which reportedly is a default configuration used used for firmware updates.

An attacker may leverage this issue to gain administrative access to the affected system.


Use a firewall to limit access to the affected service.

See Also

Plugin Details

Severity: Critical

ID: 53878

File Name: scada_samsung_dms_account_root_rkwjsdusrnth.nbin

Version: $Revision: 1.22 $

Type: remote

Family: SCADA

Published: 2011/05/11

Modified: 2018/01/29

Dependencies: 10281, 11936

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Vulnerability Publication Date: 2011/05/09

Reference Information

OSVDB: 72255

ICS-ALERT: 11-129-01