2005 Jeep Grand Cherokee Limited on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Jeep Grand Cherokee in headliner fire probe

The National Highway Traffic Safety Administration is launching an investigation into 146,000 Jeep Grand Cherokee SUVs from the 2012 model year, The Detroit News reports. This comes as the result of the government safety agency receiving three complaints from owners who cited fires inside the Jeep's cabin.
According to the report, NHTSA says:
"The customers reported a burning odor and visible smoke coming from the headliner while the vehicle was being driven. This was followed by flames from the headliner itself. Customers lowered the windows in an effort to clear the smoke but this increased the fire's intensity. All three vehicles had to be extinguished with a fire extinguisher or by the fire department as they continued to burn after the vehicle was turned off."

Chrysler recalling nearly half a million Durangos and Grand Cherokees

Rule number one of public relations – save the bad news for Friday. Fiat Chrysler has adhered to that, announcing today that it'd be voluntarily recalling 467,480 SUVs. This latest recall could actually be thought of as a continuation of a September 2014 recall, relating to the fuel-cell relay. In that case, some 188,723 Dodge Durango and Jeep Grand Cherokee CUVs from model year 2011 were recalled. And this time, it's the Durango and GC in trouble again. FCA is adding crossovers from model years 2012 and 2013 to the fuel-pump recall, although only diesel-powered Jeeps with the 3.0-liter V6 that were sold outside of North America are affected this time around. As with the previous recall, deformities in the fuel-pump relay, which could affect its functioning. In most cases, FCA reports that the affected vehicles simply won't start, although they also could be prone to stalling. A new relay circuit will be installed that promises increase durability. Of the 467,480 vehicles being recalled, 338,216 were sold in the US market, 18,991 went to Canada and 10,829 were shipped south of the border, to Mexico. Outside of the NAFTA region, FCA is recalling 99,444 vehicles. No injuries or accidents have been associated with this recall. Statement: Fuel-Pump Relay February 27, 2015 , Auburn Hills, Mich. - FCA US LLC is voluntarily recalling an estimated 467,480 SUVs worldwide to install new a relay circuit that improves fuel-pump relay durability. FCA US engineers have determined a condition identified in a previous investigation may extend to additional vehicles. The previous investigation, which led to a recall, traced a pattern of repairs to fuel-pump relays that are susceptible to deformation. This may affect fuel-pump function, preventing a vehicle from starting, or leading to engine stall. Of the two scenarios, the no-start condition is the more common. FCA US is unaware of any related injuries or accidents. The fuel-pump relay is located inside the Totally Integrated Power Module (TIPM), which also helps manage other vehicle functions. None of these other functions, including air-bag deployment, is affected by the fuel-pump relay. The new campaign affects an estimated 338,216 vehicles in the U.S.; 18,991 in Canada; 10,829 in Mexico and 99,444 outside the NAFTA region. Covered are model-year 2012 and 2013 Dodge Durango full-size SUVs and non-NAFTA 2011 Jeep Grand Cherokee mid-size SUVs equipped with 3.0-liter diesel engines.