US-CERT: Fiat Chrysler Automobiles (FCA) Uconnect Vulnerability

0 views
Skip to first unread message

Gerald309

unread,
Jul 29, 2015, 2:38:51 AM7/29/15
to bluecollar...@googlegroups.com, bluecollar...@yahoogroups.com
Fwd: Fiat Chrysler Automobiles (FCA) Uconnect Vulnerability


-------- Forwarded Message --------
Subject: Fiat Chrysler Automobiles (FCA) Uconnect Vulnerability
Date: Mon, 27 Jul 2015 17:10:41 -0500
From: US-CERT <US-...@ncas.us-cert.gov>
Reply-To: US-...@ncas.us-cert.gov
To: gera...@gmail.com


NCCIC / US-CERT

National Cyber Awareness System:

07/27/2015 05:06 PM EDT

Original release date: July 27, 2015

A vulnerability affecting the Uconnect software from FCA has been reported. Exploitation of this vulnerability may allow an unauthorized user to take remote control of an affected vehicle, but the attack requires access to Sprint's cellular network, which connects FCA vehicles to the Internet. Sprint has blocked the port used for attacks. FCA and the National Highway Transportation Safety Administration (NHTSA) have also initiated a safety recall for all potentially affected Chrysler, Dodge, Jeep, and Ram models. See the NHTSA recall announcement for a complete list.

US-CERT recommends that users review ICS Alert 15-203-01 and Vulnerability Note VU#819439 for more information. Uconnect users are encouraged to review the NHTSA recall announcement and apply the software update.


This product is provided subject to this Notification and this Privacy & Use policy.


A copy of this publication is available at www.us-cert.gov. If you need help or have questions, please send an email to in...@us-cert.gov. Do not reply to this message since this email was sent from a notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-...@ncas.us-cert.gov to your address book.
OTHER RESOURCES:
Contact Us | Security Publications | Alerts and Tips | Related Resources
STAY CONNECTED:
Sign up for email updates

This email was sent to gera...@gmail.com using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (888) 282-0870 Powered by GovDelivery

-- 
SENDER: gerald309 -- 
Have A Safe Computing Day!
Webmaster: Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSec...@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005 
 MOBILES: http://pdamobilecafe.wordpress.com/ 
Alerts: pdamobilecafemobile...@yahoogroups.com 
RSS: https://groups.google.com/forum/feed/pdamobilecafe-mobilealerts/msgs/rss.xml?num=15


Reply all
Reply to author
Forward
0 new messages