Samsung Data Management Server Default Password (rkwjsdusrnth) for 'root' Account
Critical Nessus Plugin ID 53878
SynopsisAn administrative account on the remote host uses a known password.
DescriptionThe remote device is a Samsung Integrated Management System DMS (Data Management Server), an embedded hardware device used to manage a large number of air conditioning units. It also has a 'root' account with the password 'rkwjsdusrnth', which reportedly is a default configuration used used for firmware updates.
An attacker may leverage this issue to gain administrative access to the affected system.
SolutionUse a firewall to limit access to the affected service.