Queries Closed Into Chrysler and Harman Radio Hacking

Safety regulators close queries into Chrysler hacking incident and Harman Uconnect radios.

Posted in News

— The National Highway Traffic Safety Administration (NHTSA) has closed a "recall query" into 1.4 million Chrysler, Dodge, Jeep and Ram vehicles. NHTSA also closed an "equipment query" into Harman International radios used in cars from other manufacturers.

Chrysler Recall Query (Closed)

The recall query was opened after Fiat Chrysler recalled vehicles to protect against possible hacker attacks. The recall of 1.4 million vehicles followed news of hackers sending a Jeep Cherokee off a highway near St. Louis. The hackers were security researchers testing the vulnerability of the radio and wireless connections in the Jeep.

The July 2015 recall saw Chrysler call back vehicles equipped with the Uconnect 8.4A (RA3 radio) and 8.4AN (RA4 radio) manufactured by Harman International.

Affected vehicles included the:

  • 2014-2015 Dodge Durango, Jeep Grand Cherokee and Jeep Cherokee
  • 2013-2015 Ram 1500, 2500, 3500 and 4500/5500
  • 2013-2015 Dodge Viper
  • 2015 Chrysler 200, 300
  • 2015 Dodge Charger and Challenger

An additional recall was ordered to include over 7,800 model year 2015 Jeep Renegade SUVs with the same radios.

The recall query was opened to determine if other Chrysler vehicles had radios that could open doors to hackers.

NHTSA concludes Chrysler vehicles that weren't part of the recalls don't have radios with built-in cellular access or short-range wireless features, which allegedly eliminate the hacking threat. In addition, third-party testing showed potential cellular vulnerabilities were fixed by wireless carrier Sprint or repaired through updates to the Uconnect software.

Although there were 30 complaints and field reports filed over hacking concerns, it was determined 26 of those reports were filed after media reports of the Jeep Cherokee hack. Additionally, most of the complaints involved vehicle systems that were not critical to safety or vehicle control. NHTSA concludes there were no confirmed hacking incidents associated with any of the complaints, therefore the recall query is closed.

Harman Radio Equipment Query (Closed)

NHTSA has closed its investigation into Harman 8.4A (RA3 radio) and 8.4AN (RA4 radio) infotainment systems installed in Audi, Bentley and Volkswagen vehicles. The government opened the investigation to determine if the radios had security vulnerabilities similar to those Harman radios installed in Chrysler vehicles.

NHTSA says the Harman infotainment systems in the Audi, Bentley and VW cars are similar but use distinct hardware and software in comparison to the Chrysler radios. Audi says its system is not only different but provides increased safety and security protection.

For example, Audi wireless services are located on a separate hardware module and the vehicle systems are designed using communication domains separated by a gateway. Furthermore, infotainment systems in Audi and Bentley cars have multilayered security protocols and other advantages to prevent cyber attacks.

Based on the findings, the Harman radio equipment query is closed without any action taken.