The Office of Defects Investigations (ODI) is an office within the NHTSA which investigates serious safety problems in the design, construction or performance of vehicles. The NHTSA is authorized to order manufacturers to recall and repair vehicles, if the ODI finds a safety issue. NHTSA investigations for the 2015 Jeep Cherokee, both ongoing and closed, are listed below:

  1. INVESTIGATION: Software security vulnerability

    NHTSA Defect Investigation #RQ15004

    Component(s): Electrical System: Software

    Summary: On July 23, 2015, Fiat Chrysler Automobiles (FCA) launched Safety Recall 15V-461 to remedy security vulnerabilities in approximately 1.4 million model year (MY) 2013 through 2015 vehicles equipped with Uconnect head units (HU) 8.4A (RA3 radio) and 8.4AN (RA4 radio) manufactured by Harman International.On July 24, 2015, the Office of Defects Investigation (ODI) opened Recall Query, RQ 15-004, to investigate HU security vulnerabilities and remedy effectiveness in the recalled population and to determine whether similar units have been supplied for use in other FCA vehicles.In an August 11, 2015 letter, FCA submitted a second Part 573 safety recall report expanding the scope of the Uconnect RA4 model radio to include additional 7,810 MY 2015 Jeep Renegade vehicles manufactured from September 18, 2014 through June 25, 2015 (Recall 15V-508).Scope analysis indicated that Uconnect radios installed in FCA vehicles not included in recalls 15V-461 or 15V-508 (subject recalls) are not equipped with built-in cellular access or short range wireless communication features and, thus, do not contain the security vulnerabilities addressed by the subject recalls. SUBJECT VEHICLES: MY2014 through 2015 Dodge Durango, Jeep Grand Cherokee and Jeep Cherokee sport utility vehicles; MY2013 through 2015 Ram 1500, 2500, 3500 and 4500/5500 pickup trucks; MY2013 through 2015 Dodge Viper vehicles; and MY2015 Chrysler 200, 300, Jeep Renegade, Dodge Charger and Challenger vehicles.According to FCA, long and short range wireless vulnerabilities identified in the recalled vehicles could allow unauthorized third-party access to, and manipulation of, networked vehicle control systems.Successful exploitation of the vulnerabilities, coupled with reverse engineering of networked microprocessor control modules, could result in unauthorized manipulation of vehicle control systems. This unauthorized manipulation of vehicle controls and systems could expose the driver, vehicle occupants or other highway users to an increased risk of injury.FCA and its network provider, Sprint, conducted a nationwide campaign to block access to a radio communications port that was unintentionally left open.On July 27, 2015, short range wireless vulnerabilities were also blocked.Finally, third party security evaluation and regression testing identified vulnerabilities that were either remedied by Sprint or through updates to the FCA Uconnect software.ODI identified a total of 30 complaints or field reports on unique vehicles submitted by FCA (29) or received by NHTSA (1) alleging incidents of theft from a vehicle or anomalous performance that the owner alleged were caused by, or may have been caused by, remote hacking.Twenty-six (87%) of these reports were submitted after a magazine article was published on July 21, 2015, describing the remote hacking of an FCA vehicle by researchers who were able to affect the operation of various vehicle control systems, including the service brakes, steering, throttle and ignition.Most of the complaints involved vehicle systems that were not safety critical (e.g., complaints related to radio, navigation system, or air-conditioning control) and did not affect vehicle control.Three complaints reported engine stalls.One owner reported sudden unintended acceleration allegedly related to hacking.None of the complaints or field reports reviewed involved the steering and braking vehicle control effects demonstrated by the research hackers prior to the recall.There were no confirmed incidents of hacking in any of the records reviewed by ODI.The remedies completed by Sprint and FCA appear to have eliminated vulnerabilities that might allow a remote actor to impact vehicle control systems.This recall query investigation is closed; this action does not constitute a finding by NHTSA that a safety-related defect does not exist. (Continued on attachment A)

  2. INVESTIGATION: Engine compartment fire

    NHTSA Preliminary Evaluation #PE15003

    Component(s): Engine
    Equipment:Air Conditioner

    Summary: On October 15, 2015, Fiat Chrysler Automobiles, US LLC, (FCA), submitted a Defect Information Report (DIR) to NHTSA regarding an air-conditioning suction/discharge combo line routing condition that may result in engine compartment fire in approximately 75,574 model year (MY) 2015 Jeep Cherokee vehicles equipped with 2.4L engines and built from October 1, 2014 through June 18, 2015 (NHTSA Recall 15V-676, FCA Recall R57).According to FCA's DIR, a misrouted A/C combo line can be pinched and cut or thermally degraded by the exhaust manifold heat shield, potentially resulting in loss of air conditioning, smoke and/or fire from ignition of leaked A/C refrigerant oil onto a hot exhaust manifold.The recalled vehicles will be inspected for misrouted A/C combo lines and those found to be misrouted will be replaced.FCA estimates that one percent of the recalled population may be affected by the A/C combo line routing defect.ODI-s analysis of warranty data provided by FCA in response to the information request letter for PE15-003 identified a spike in claims related to the A/C combo line leakage in vehicles equipped with 2.4L engines built after October 1, 2014.FCA implemented its final process corrective action for the hose routing concern on June 18, 2015.The 113,034 MY 2015 Jeep Cherokee vehicles equipped with 3.2L engines have different A/C line routing configurations and are not affected by the A/C combo line routing defect.FCA provided a total of 220 warranty claims potentially related to the A/C combo line in vehicles equipped with 2.4L engines.Ninety-five percent of the claims (210) involved the 74,574 Jeep Cherokee 2.4L vehicles built during the recall period.Only 10 A/C combo line claims and no related fires were identified in the 28,250 Jeep Cherokee 2.4L vehicles that were built before or after the period with the hose routing concern.Analysis of engine compartment fires reported to ODI and FCA identified a total of 10 fires in MY 2015 Jeep Cherokee vehicles.Nine (9) of the fires involved vehicles equipped with 2.4L engines and 8 of these involved vehicles built during the production range subject to Recall 15V-676.These include 5 fires that FCA's investigations determined were most likely caused by the A/C combo line and 3 fires of unknown cause originating in the area of the exhaust manifold heat shield, resulting in fire incident rates in the recall population of 6.6 per 100,000 vehicles for the A/C combo line condition and 10.6 per 100,000 vehicles for fire incidents for which the A/C combo line could not be excluded as the cause.The other 2 engine compartment fires involved a low-mileage fire of unknown cause in a vehicle equipped with a 3.2L engine and a minor self-extinguished fire that FCA-s investigation attributed to a lower transmission oil cooler (TOC) line connection seepage condition in a rental vehicle equipped with a 2.4L engine and built prior to the recall production range. This preliminary evaluation is closed based on FCA-s recall.The following VOQ numbers are associated with the issues discussed in this closing resume: A/C combo line failure:10786287 Unknown cause:10712350, 10678215, 10672201