Your one-stop web resource providing safety and security information to manufacturers

In the wake of hackers being able to break into a Jeep Cherokee through its Uconnect infotainment system while it is on the road, FCA US is now issuing a software update for 1.4 million vehicles in the United States.

Affected customers will receive a USB stick in the mail with the improved version.

Fiat Fixes Auto Remote Exploit
Siemens Fixes SIPROTEC DoS Vulnerability
Sm@rtClient Android Vulnerability Fixed
RuggedCom ROS Fixes POODLE

A large variety of models with FCA’s 8.4-inch touchscreen infotainment system suffer from the issue. They include the 2015 Chrysler 200, 2015 Chrysler 300, 2015 Dodge Charger, and 2015 Dodge Challenger; 2013-2015 Dodge Viper; 2013-2015 Ram 1500, 2500, and 3500; 2013-2015 Ram 3500, 4500, and 5500 chassis cab; 2014-2015 Jeep Grand Cherokee and Cherokee; and 2014-2015 Dodge Durango.

According to FCA in its announcement, the new software “insulates connected vehicles from remote manipulation.” As of July 23, the company also “fully tested and implemented within the cellular network” additional security to prevent access to many of a vehicle’s systems.

Schneider Bold

Click here to see which vehicles suffer from the issue, but before you do, you will have to look up the VIN number.

FCA US said it is conducting this campaign out of an abundance of caution and disputes the notion there’s a defect with these vehicles. Beyond the demonstration of the hack in the Cherokee, the automaker said it is unaware of any other reports of these attacks actually happening.

The following is a statement from FCA regarding the software update:
“FCA US LLC is conducting a voluntary safety recall to update software in approximately 1,400,000 U.S. vehicles equipped with certain radios.

“The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action.

“Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015.

“The Company is unaware of any injuries related to software exploitation, nor is it aware of any related complaints, warranty claims or accidents – independent of the media demonstration.

“Affected are certain vehicles equipped with 8.4-inch touchscreens among the following populations:
• 2013-2015 MY Dodge Viper specialty vehicles
• 2013-2015 Ram 1500, 2500 and 3500 pickups
• 2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
• 2014-2015 Jeep Grand Cherokee and Cherokee SUVs
• 2014-2015 Dodge Durango SUVs
• 2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
• 2015 Dodge Challenger sports coupes

“Customers affected by the recall will receive a USB device that they may use to upgrade vehicle software, which provides additional security features independent of the network-level measures. Alternately, customers may visit to input their Vehicle Identification Numbers (VINs) and determine if their vehicles are included in the recall.

“The security of FCA US customers is a top priority, as is retaining their confidence in the Company’s products. Accordingly, FCA US has established a dedicated System Quality Engineering team focused on identifying and implementing best practices for software development and integration.

“The software manipulation addressed by this recall required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code.

“No defect has been found. FCA US is conducting this campaign out of an abundance of caution.

“Customers are urged to acquire the software update. Those with questions or concerns may call the FCA US Customer Care Center at 1-800-853-1403.”

Pin It on Pinterest

Share This