Dodge Nitro Forum banner

1 - 4 of 4 Posts

·
Super Moderator
Joined
·
23,350 Posts
Discussion Starter #1
Statement: Software Update

July 24, 2015 , Auburn Hills, Mich. -

FCA US LLC is conducting a voluntary safety recall to update software in approximately 1,400,000 U.S. vehicles equipped with certain radios.

The recall aligns with an ongoing software distribution that insulates connected vehicles from remote manipulation, which, if unauthorized, constitutes criminal action.


Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015.

The Company is unaware of any injuries related to software exploitation, nor is it aware of any related complaints, warranty claims or accidents – independent of the media demonstration.

Affected are certain vehicles equipped with 8.4-inch touchscreens among the following populations:

2013-2015 MY Dodge Viper specialty vehicles
2013-2015 Ram 1500, 2500 and 3500 pickups
2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
2014-2015 Jeep Grand Cherokee and Cherokee SUVs
2014-2015 Dodge Durango SUVs
2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
2015 Dodge Challenger sports coupes


Customers affected by the recall will receive a USB device that they may use to upgrade vehicle software, which provides additional security features independent of the network-level measures. Alternately, customers may visit Uconnect® Software Update - Update your Uconnect® System to input their Vehicle Identification Numbers (VINs) and determine if their vehicles are included in the recall.

The security of FCA US customers is a top priority, as is retaining their confidence in the Company’s products. Accordingly, FCA US has established a dedicated System Quality Engineering team focused on identifying and implementing best practices for software development and integration.

The software manipulation addressed by this recall required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code.

No defect has been found. FCA US is conducting this campaign out of an abundance of caution.

Customers are urged to acquire the software update. Those with questions or concerns may call the FCA US Customer Care Center at 1-800-853-1403.
 

·
Super Moderator
Joined
·
23,350 Posts
Discussion Starter #2
Unhacking the hack: Ensuring security

Uconnect | July 24 2015
Unhacking the hack: Ensuring security




Actions speak louder than words.

When we first learned of the ability for others to hack into some of our 8.4-inch touchscreen systems, we developed, tested and implemented a software patch. Owners had the option to see if their vehicle was affected and if so, they could install the update.

Since then, we’ve taken more steps to ensure the confidence and security of our customers.


On July 23, 2015, FCA US applied network-level security measures to prevent the type of remote manipulation demonstrated in the July 21 WIRED story. Those security measures block remote access to certain vehicle systems and were fully tested and implemented within the cellular network.

The recall FCA US issued today (July 24) provides additional security features to the affected 8.4-inch touchscreen systems and vehicles (listed below).

Owners of the approximately 1.4 million U.S. vehicles in the recall will receive a USB drive in the mail with the software update preloaded on it. Owners may use the USB to upgrade vehicle software themselves or they can visit their local CDJR dealer to have a dealer technician install the software. (See our previous blog post for details if you want apply the update yourself.)

In the meantime, customers may visit Uconnect® Software Update - Update your Uconnect® System to input their Vehicle Identification Numbers (VINs) and determine if their vehicles are included in the recall.

The following vehicles below are the affected models that may use the impacted 8.4-inch touchscreen systems:

2013-2015 Dodge Viper specialty vehicles
2013-2015 Ram 1500, 2500 and 3500 pickups
2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
2014-2015 Jeep® Grand Cherokee and Cherokee SUVs
2014-2015 Dodge Durango SUVs
2015 Chrysler 200, Chrysler 300 and Dodge Charger sedans
2015 Dodge Challenger sports coupes

As was noted in the initial story, the ability to hack a vehicle is not easy. It took the two security researchers, Charlie Miller and Chris Valasek, months to tap into and control certain systems of Miller’s SUV. They are experts.

The software update addressed by the recall, after the security steps we took July 23, would require unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write the appropriate code.

There is no defect in the affected 8.4-inch touchscreen system. We have taken these additional steps to demonstrate that the security of our customers is truly a priority.
 

·
Super Moderator
Joined
·
23,350 Posts
Discussion Starter #3
RECALL Subject : Radio Software Security Vulnerabilities

RECALL Subject : Radio Software Security Vulnerabilities

Report Receipt Date: JUL 23, 2015
NHTSA Campaign Number: 15V461000
Component(s): EQUIPMENT
Potential Number of Units Affected: 1,400,000


Manufacturer: Chrysler (FCA US LLC)

SUMMARY:

Chrysler (FCA US LLC) is recalling certain model year 2013-2015 Ram 1500, 2500, 3500, 4500, and 5500, 2015 Chrysler 200, Chrysler 300, Dodge Charger, and Dodge Challenger, 2014-2015 Jeep Grand Cherokee, Cherokee, and Dodge Durango, and 2013-2015 Dodge Viper vehicles. The affected vehicles are equipped with radios that have software vulnerabilities that can allow third-party access to certain networked vehicle control systems.
CONSEQUENCE:
Exploitation of the software vulnerability may result in unauthorized remote modification and control of certain vehicle systems, increasing the risk of a crash.
REMEDY:
Chrysler will notify and mail affected owners a USB drive that includes a software update that eliminates the vulnerability, free of charge. Optionally, owners may download the update to their own USB drive from Uconnect® Software Update - Update your Uconnect® System or take their vehicle to a Chrysler dealer for immediate installation. In an effort to mitigate the effects of this security vulnerability, Chrysler has had the wireless service provider close the open cellular connection to the vehicle that provided unauthorized access to the vehicle network. This measure may not have been implemented on all vehicles and does not address access by other means that will be remedied by the software update. The manufacturer has not yet provided a notification schedule. Owners may contact Chrysler customer service at 1-800-853-1403. Chrysler's number for this recall is R40.
 

·
Super Moderator
Joined
·
23,350 Posts
Discussion Starter #4
Cherokee Owners File Lawsuit

And So It Begins


Jeep Cherokee Owners File Lawsuit Against Fiat Chrysler, Harman After Hackers Wirelessly Hijack Vehicle


August 5, 2015


It was inevitable: A few weeks after hackers showed that a Jeep Cherokee could be hijacked remotely, three car owners have filed a lawsuit seeking class-action status against Fiat Chrylser Automobiles and Harman International, the maker of the Uconnect onboard infotainment system.

The three Jeep Cherokee owners who filed a complaint against FCA and Harman on Tuesday [PDF] accuse FCA and Harman of fraud, negligence, unjust enrichment and breach of warranty.



More HERE
 
1 - 4 of 4 Posts
Top