Date: 2015-07-24
NHTSA Action Number: RQ15004
Components: ELECTRICAL SYSTEM:SOFTWARE
Subject: Software security vulnerability
Opened From: 2015-07-24 - 2016-01-05
NHTSA Recall Number: 15V508
Summary
On July 23, 2015, Fiat
Chrysler Automobiles (FCA) launched Safety Recall 15V-461 to remedy security vulnerabilities in approximately 1.4 million model year (MY) 2013 through 2015 vehicles equipped with Uconnect head units (HU) 8.4A (RA3 radio) and 8.4AN (RA4 radio) manufactured by Harman International.On July 24, 2015, the Office of Defects Investigation (ODI) opened Recall Query, RQ 15-004, to investigate HU security vulnerabilities and remedy effectiveness in the recalled population and to determine whether similar units have been supplied for use in other FCA vehicles.In an August 11, 2015 letter, FCA submitted a second Part 573 safety recall report expanding the scope of the Uconnect RA4 model radio to include additional 7,810 MY 2015 Jeep Renegade vehicles manufactured from September 18, 2014 through June 25, 2015 (Recall 15V-508).Scope analysis indicated that Uconnect radios installed in FCA vehicles not included in recalls 15V-461 or 15V-508 (subject recalls) are not equipped with built-in cellular access or short range wireless communication features and, thus, do not contain the security vulnerabilities addressed by the subject recalls. SUBJECT VEHICLES: MY2014 through 2015 Dodge Durango, Jeep Grand Cherokee and Jeep Cherokee sport utility vehicles; MY2013 through 2015 Ram 1500, 2500, 3500 and 4500/5500 pickup trucks; MY2013 through 2015 Dodge Viper vehicles; and MY2015 Chrysler 200, 300, Jeep Renegade, Dodge Charger and Challenger vehicles.According to FCA, long and short range wireless vulnerabilities identified in the recalled vehicles could allow unauthorized third-party access to, and manipulation of, networked vehicle control systems.Successful exploitation of the vulnerabilities, coupled with reverse engineering of networked microprocessor control modules, could result in unauthorized manipulation of vehicle control systems. This unauthorized manipulation of vehicle controls and systems could expose the driver, vehicle occupants or other highway users to an increased risk of injury.FCA and its network provider, Sprint, conducted a nationwide campaign to block access to a radio communications port that was unintentionally left open.On July 27, 2015, short range wireless vulnerabilities were also blocked.Finally, third party security evaluation and regression testing identified vulnerabilities that were either remedied by Sprint or through updates to the FCA Uconnect software.ODI identified a total of 30 complaints or field reports on unique vehicles submitted by FCA (29) or received by NHTSA (1) alleging incidents of theft from a vehicle or anomalous performance that the owner alleged were caused by, or may have been caused by, remote hacking.Twenty-six (87%) of these reports were submitted after a magazine article was published on July 21, 2015, describing the remote hacking of an FCA vehicle by researchers who were able to affect the operation of various vehicle control systems, including the service brakes, steering, throttle and ignition.Most of the complaints involved vehicle systems that were not safety critical (e.g., complaints related to radio, navigation system, or air-conditioning control) and did not affect vehicle control.Three complaints reported engine stalls.One owner reported sudden unintended acceleration allegedly related to hacking.None of the complaints or field reports reviewed involved the steering and braking vehicle control effects demonstrated by the research hackers prior to the recall.There were no confirmed incidents of hacking in any of the records reviewed by ODI.The remedies completed by Sprint and FCA appear to have eliminated vulnerabilities that mi
For Documents Related to this Investigation go to NHTSA Website
Click on the (+) Plus Sign
Then Click on Associated Document(s)
More Information on this Investigation on the NHTSA WebsiteSearch NHTSA Database for Recalls
Search NHTSA Database for (TSB's) Technical Service Bulletins
View Latest (TSB's) Technical Service Bulletins
Search NHTSA Database for Vehicle Complaints
View Latest Vehicle Complaints
- [2025 Newly Added 7 RESET FUNCTIONS] 2025 New Ver. obd2 scanner diagnostic tool CRP123X Elite ADD NEW SPECIAL FUNCTIONS for FREE--Throttle Adaptation, Oil Reset, SAS Reset, BMS Reset, Brake Reset, D-P-F Regeneration, ABS bleeding. Before the trip to the mechanic, launch obd2 scanner crp123x elite can do deeper diagnosis for the car system and react with accurate data in minutes. More, the list of compatible models has been expended. Upgrading frequency is regular, occurring monthly even weekly.
- [FCA AutoAuth &Free Updates for Lifetime]. LAUNCH CRP123X provides no-fee upgrades. Continually enhance vehicle diagnostic software, can diagnose 1996-2025 vehicles with a massive global vehicle database. With integrated AutoAuth, diagnose 2018+ FCA SGW-equipped cars.Yearly functional upgrades ensure CRP123X purchased years ago to keep up with newer diagnostic advancements. Beyond that, we'll always be working on behind-the-scenes bug fixes to drive your scan tool in excellent condition.
- [Accurate & Intuitive Multi System Diagnosis] Will you be confused about what happens when the warning light of transmission, ABS, and SRS Airbag check engine flashes? Launch obd2 scanner diagnostic tool CRP123X to pinpoint the problem components for a faster diagnosis for your car instead of taking your car to the dealership, and will turn off the warning light for you after fixing the problem, make to know more about your cars and do your own repair.
- [Multiple Display of Live Data + DTC Code Definition Explanation] Launch car tools show real-time data of oil temp, pressure, transmission temp, engine speed, coolant temperature, you will know which car part is abnormal. Data can be shown in a single, multi- graph, and merge two graphs for analysis(merge 4 PIDs in one). It’s convenient for car owners to purchase auto parts and replace it by yourself, 🔥Code Search,DTC Library provide massive information.
- [2025 Hardware Upgrade & One-click Recognition] Faster! Stable! CRP123X Elite car diagnostic scanner has a new processor, Android 8.1, 32GB of memory, 5-inch touchscreen (720P), 6100mAh rechargeable battery,. Wireless WiFi connection embarks on hassle-free faster renewing with one click. LAUNCH code reader effortlessly recognizes vehicle information( (vehicle make, model, and year info) through one-tap automatic VIN scanning, with no manual input, just swift and precise data at your fingertips.
- 【Recom-mended by YouTube Machinists】We are proud to tell that LAUNCH X431 PROS V+ 5.0 has been recom-mended as "" Per-fect Overall Car Diagnostic Scanner "" by famous editors, and also highly recom-mended by YouTube machinists.
- 【What Are the 2025 PROS V+ 5.0 Hardware Changes】With new in-house developed screen; 8.0 MP Pixel Rear Camera;Android 10.0 System; 2.4GHz&5GHz Dual-Frequency Wi-Fi, the transmission rate is 4Xfaster than old version; 4+64GB provides larger data memory; 6300mAh battery lasts 15+h work; CPU Updated to 2.0 GHz quard-core. greatly increased the speed of running multiple task; 8XFAST AUTO VIN technology;DBSCar VII connector equipped with indicator lights, which is more intuitive and user-friendly
- 【Technology Itself is Proof of Quality】LAUNCH DBSCar VII+Self-developed screen.Using USB type A/USB type C connectors and DBSCar VII VCI connector can make the process of diagnosing and matching faster and more stable, DBSCar VII connector equipped with indicator lights, which is more intuitive and user-friendly. The latest self-developed screen from LAUNCH, in addition to its strong anti-fall ability, is different from other launch models in sensitivity and touch.
- 【2025 Newly Added CANFD】With the CANFD Connector, you can seamlessly diagnose a wider range of vehicle models (up to model year 2025, see image below for supported models) using advanced CANFD protocols. Gone are the days of being limited to certain models - now you can confidently handle the latest models, even those with the most advanced systems.
- 【Bi-Directional+Online Coding+Over 38 Reset Services+Adaptation+Initialization+ Matching】PROS V+ 5.0 scan tool Elite also support:K-EY programming,Gear/ SAS/ EPB/ TPMS/ BMS/ETS/Oil/Brake/AFS/GEARBOX/SUNROOF/SUS Reset,ABS Bleed, Injector coding.Gives you the ability to use dealership level relearn procedures to complete repairs.You can get 100+ advanced special functions under the""vehicle brand""-""menu""-""system"" - ""special functions"".
- 【2025 UPGRADED VERSION, NEW CHIPS, ADD MORE FUNCTIONS, No Extra Software Fee】Faster! The 2025 CRP123I V2.0 car diagnostic scanner has a new processor, Android 8.1, 32GB of memory, 5-inch touchscreen (720P), 6000mAh rechargeable battery, One-touch Wi-Fi Lifetime Free update for more vehicle coverage, bug fixes,newly added parameters, and functionality to help you access, diagnose and fix more vehicles faster,upgrade of CRP123I.
- 【Newly Added 7 RESET FUNCTIONS】+ 【BATTERY VOLTAGE TEST】2025 New Ver. scan tool CRP123I V2.0 ADDS NEW SPECIAL FUNCTIONS-Throttle Adaptation,Oil Reset,SAS Reset,ABS Bleeding,BMS Reset,EPB Reset, D.P.F Regeneration,to maintain your vehicle system safely and efficiently.Graphing the battery voltage easier and more intuitive for the real-time monitors to check.It does not only reveal what error codes your car is producing,but also erase your vehicle's check engine light after the problem is fixed.
- 【Multi System Diagnostic Tool】LAUNCH CRP123I V2.0 obd2 scanner check ABS/SRS/AT/ENG systems &10 OBD2 modes, read/clear fault codes,Online Google Search, 4 IN 1 Graphing.Store and playback of dynamic data stream help to quick analysis and diagnosis. Generate vehicle health reports with one click and share them with your email via W-ifi which helps avoid blind maintenance. CRP123I costs less, in the long run, saving you up to $2000 each year.
- 【Fre-e Lifetime Update + AutoAuth for FCA SGW+ Auto Vin】This scan tool features One-click w-ifi update and fre-e for fixing more bugs; Realtime battery voltage graphing helps to Judge the state of the battery; Auto Vin,facilitate accurate diagnosis and provide useful information.Besides,CRP123I V2.0 support AutoAuth for FCA SGW,For 2017 and later FCA Vehicles with Secure Gateway Module (SGW),with no limitation.
- 【Cover 10000+ Models & 90+ Car Brands】CRP123I V2.0 Elite launch scanner is capable of diagnosing fault codes on more than 10000+ vehicles from 1996 to 2025 and 90+ car makes worldwide. Support almost all OBDII cars such as SUVs, minivans, light-duty trucks, etc. It's an excellent tool for all types of mechanics from novice to pros. NOTICE: Compatibility will vary on vehicles' model and year, pls c-ontact us via Q&A/message before purchase.
- 【J2534 PROTOCOL WITH SMARTLINKC】 LAUNCH X431 PRO3S+ ELITE scan tool with newly upgraded smartlinkC V2.0. The SmartLinkC is a communication interface supporting J2534 specifications. Of course, it also can be used as a J2534 PassThru device, working together with the PC installed with the OEM diagnostic software to perform the J2534 protocol.J2534 protocol is the only solution for problems ranging from driveability and loss of power to poor fuel economy.
- 【INTELLIGENT TOPOLOGY MAP TO FASTER FULL SYSTEMS DIAGNOSIS】 X431 PRO3S+ELITE bidirectional scan tool with new-added intuitive topology mapping. Harnesses intuitive topology mapping for comprehensive visualization of the vehicle all system. It shows all available control units in different colors, the numbers of system, the scanned system, and the scan results, bringing maximum convenience & superfast speed for you to do swift diagnosis & high-level repairs.
- 【TOP HARDWARE CONFIGURATION, UPGRADED OF LAUNCH X431 PRO3S+】 LAUNCH X431 PRO3S+ELITE diagnostic scanner possess with Android 10.0 OS; CPU 4-Core Processor, 2.0 GHz. Greatly increased the speed of running multiple task. 2.4GHz/5GHz; 6300mAh/7.6V stronger battery capacity; 10.1 Inch Touchscreen with 8MP camera; AUTO VIN; 4GB+64GB storage memory; 20X faster transmission rate, save more vehicle documents and customer data; Supports 25+ Software Languages, such as EN, DE, FR, SP nd JP and so on.
- 【3000+ ACTIVE TEST/BI-DIRECTIONAL CONTROL LAUNCH SCANNER】 LAUNCH X431 PRO3S+ELITE HD automotive scanner is a cost-effective bidirectional scanner that deserves owned by every repairing DIYers and mechanics. You can easily send command signal at fingertips from the scanner to various module actuators to test component integrity and functionality in minutes or even seconds to tell if replacement or repair is needed.
- 【COMPLETE 60+ HOT RESETS, CALIBRATION, INITIALIZATION, RELEARN】 LAUNCH X431 PRO3S+ELITE SmartLinkC escaner automotriz professional enjoys 60+ special service, such as Oil Reset, ABS brake bleed, EPB, SAS, BMS, Suspension, Injector reset, Power Balance, Turbo Calibration, VGT, Transmission Adaption, Throttle Adaptation, matching and etc. rigorous on-site testing has been performed to ensure 100% availability.
- [2025 LAUNCH CRP919X] Tired of scan tools that lag and lack features? Meet LAUNCH CRP919X - it’s got all power of XTOOL D8/Autel MK808Z/MK900, plus it’s a pro at ECU Coding = X-431 PROS V+. Better, in 2024 we added more: FCA AutoAuth, CAN-FD, DoIP, expanding features with 3 module modules, all without breaking your bank. The most-recent models are covered with weekly upgrading. CRP919X runs on Android 10.0, 3+32GB RAM/ROM. Time to upgrade your workshop and get more than your money’s worth!
- [ECU Coding] You can run ECU Coding to address challenges such as DTCs related to sensor / actuator circuit breaks, unreliable signals; installing new modules, and flashing hidden features. Unlike other scan tools that support Coding for only 3 brands, LAUNCH CRP919X is available for 100+ brands (need paid OE software for Be.nz, BM.W, V.W, A.udi, G.M, F0rd, even Porsche, etc.) And it comes with easy-to-follow steps to make coding a breeze. *Remember to back up your data before coding.
- [4000+ Active Tests = X431 LAUNCH Scanner] Pay half, yet get all 4000+ tests previously only featured in X431 scanners! You can directly send commands to ECU, drive components like “relays, injectors, coils, solenoids valves, actuators” to move. NO time-consuming old methods BUT verify if they function correctly in just 10 minutes, speeding up troubleshooting 3X FASTER! And NO compatibility headaches. Superior to 80% of diagnostic tools on market, it works on nearly 100% popular vehicles.
- [150+ Brands Coverage + CANFD/DOIP] The compatibility of LAUNCH scanner has always been a leader in industry, with upgrades so frequent that can be weekly! And CRP919X meets all your expectations: 1) added CANFD/DOIP; 2) FCA SGW access, no need extra adapters; 3) cover 150+ all-regional brands; 4) the multilingual menu; you can use it fluently without barriers, and switch languages on your own without having to send e-mails to dealers. (NO waiting 24+ hours just to change a menu language)
- [35+ HOT Services] Compared to similar OBD2 scanners MK808S/D1/909X, the LAUNCH CRP919X has a huge upgrade: E-P-B/Oil_Reset/DP.F/SAS/TPMS/BMS/Injector/Throttle/Suspension/Brake_Bleed, etc. NOT just a big jump in the number of features, BUT also a serious boost in compatibility (more cars supported). In 2024 even added 20+ new features to keep your CRP919X at the forefront of industry, e.g. Motor Angle Calibration/Turbocharging Matching/Swipe/Clutch Matching. MORE is coming your way.
This product presentation was made with AAWP plugin.
Last update on 2025-04-28 / Affiliate links / Images from Amazon Product Advertising API
