Hackers discovered a security vulnerability in Jeep Cherokees that allows remote users to take control of the sport-utility vehicles, according to a report from Wired.
Continue Reading Below
The report on Tuesday said hackers Charlie Miller and Chris Valasek developed code that can send commands to the engine, transmission, brakes and other components. In a test, they wirelessly accessed a Cherokee through its Uconnect infotainment system and cellular connection.
Miller and Valasek believe their attack can work on other cars made by Fiat Chrysler Automobiles (NYSE:FCAU). They said approximately 471,000 vehicles equipped with Uconnect from late 2013 through early 2015 may be vulnerable.
Just in the U.S., Jeep has sold 309,720 Cherokees since the SUV hit showrooms in late 2013.
Last week, FCA released a software update to “improve vehicle electronic security and communications system enhancements,” according to the company’s website.
The update can be downloaded and installed by customers using a USB drive, or owners can bring their vehicles to a dealer.
“FCA has a dedicated team from System Quality Engineering focused on identifying and implementing software best practices across FCA globally,” the automaker said in a statement. “The team’s responsibilities include development and implementation of cybersecurity standards for all vehicle content, including on-board and remote services.”
FCA also criticized the hackers for their reported plan to release the code at a conference in Las Vegas.
“Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” FCA said.
FCA shares were trading 5 cents higher at $15.52 on Tuesday. The stock is up 34% since the start of 2015.