Fiat Chrysler Automobiles (FCA) wants to update the software on roughly 7,810 of its SUVs to address an issue that can be exploited to remotely hack the vehicles.
According to the carmaker, this campaign involves a different radio than the one installed on the 1.4 million cars recalled this summer to patch a Uconnect vulnerability disclosed by researchers Charlie Miller and Chris Valasek.
The latest recall affects certain 2015 Jeep Renegade vehicles equipped with 6.5 inch touchscreens. The software updates, designed to protect these connected vehicles against “remote manipulation,” also include additional security features.
Affected customers will receive a USB device containing the software updates. Alternatively, the update can be downloaded from the official Uconnect website or installed for free by technicians at dealerships.
The company has pointed out that more than half of the 2015 Jeep Renegade SUVs fitted with affected radios are still at dealers and their software will be updated before they are sold.
“The software manipulation addressed by this recall required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code,” Fiat Chrysler said on Friday. “No defect has been found. FCA US is conducting this campaign out of an abundance of caution.”
Miller and Valasek, who were hired by Uber last month, revealed in July that they had managed to remotely hijack a 2014 Jeep Cherokee through a vulnerability in its Uconnect system. The researchers demonstrated that the feature available in some Viper, Ram, Jeep, Dodge and Chrysler models exposed the cars to remote cyberattacks.
Fiat Chrysler announced the recall of 1.4 million cars and started sending out USB devices that customers can use to easily conduct the software update themselves. However, security experts have criticized the method because they believe the USB sticks sent out by the company via mail can be intercepted and altered.
Several experts disclosed car hacking methods this summer, with automobiles from Corvette, Tesla and General Motors being targeted. In response to recent revelations, the auto industry announced its intention to create an information sharing and analysis center that will focus on enhancing cyber security.
While so far we haven’t witnessed any malicious cyberattacks targeting connected vehicles, experts are concerned that this might change in the near future. Some believe we might soon see ransomware-style attacks aimed at cars, while others warn that the disruption to digital systems installed in cars will lead to verifiable human deaths in the next few years.

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
- Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations
- Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances
- OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers
- New Honeywell OT Cybersecurity Solution Helps Identify Vulnerabilities, Threats
- Rheinmetall Says Military Business Not Impacted by Ransomware Attack
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
