Radio Software Security Vulnerabilities
Sep 21, 2015
Chrysler (FCA US LLC) is recalling certain model year 2015 Jeep Renegade vehicles manufactured September 18, 2014, to June 25, 2015. The affected vehicles are equipped with radios that have software vulnerabilities that can allow third-party access to certain networked vehicle control systems.
Exploitation of the software vulnerability may result in unauthorized remote modification and control of certain vehicle systems, increasing the risk of a crash.
Chrysler will notify and mail affected owners a USB drive that includes a software update that eliminates the vulnerability, free of charge. Optionally, owners may download the update to their own USB drive from http://www.driveuconnect.com/software-update/ or take their vehicle to a Chrysler dealer for immediate installation. In an effort to mitigate the effects of this security vulnerability, Chrysler has had the wireless service provider close the open cellular connection to the vehicle that provided unauthorized access to the vehicle network. This measure may not have been implemented on all vehicles and does not address access by other means that will be remedied by the software update. Chrysler has not yet provide an owner notification schedule. Owners may contact Chrysler customer service at 1-800-853-1403. Chrysler's number for this recall is R45.