Date: 2015-07-29
HARMAN INTERNATIONAL
NHTSA Action Number: EQ15005
Components: EQUIPMENT:ELECTRICAL
Subject: Software security vulnerability
Opened From: 2015-07-29 - 2016-01-04
Summary
In a Part 573 safety recall report, Fiat Chrysler Automobiles (FCA) notified the NHTSA on July 23, 2015, of certain software security vulnerabilities in approximately 1.4 million model year (MY) 2013 through 2015 vehicles equipped with Uconnect Access head units 8.4A (RA3 radio) and 8.4AN (RA4 radio) manufactured by Harman International (Recalls 15V-461 and 15V-508).According to FCA, software security vulnerabilities in the recalled vehicles could allow unauthorized third-party access to, and manipulation of, networked vehicle control systems.Unauthorized manipulation of vehicle control systems could reduce the driver's control of the vehicle, increasing the risk of a crash with an attendant increased risk of injury to the driver, other vehicle occupants, and other highway users.On July 29, 2015, the Office of Defects Investigation (ODI) opened Equipment Query, EQ 15-005, to determine the existance, nature and extent of similar security concerns in other head unit (HU) products installed in motor vehicles.On August 12, 2015, the Recall Management Division (RMD) issued an information request (IR) letter to Harman International requesting information pertaining to infotainment HUs provided to other vehicle manufacturers that share, or may share, similar wireless connectivity and to remind Harman of their responsibilities under Federal Law as an equipment manufacturer.Harman International responded and identified all infotainment head units supplied to other vehicle manufacturers with built-in cellular access or short range wireless communication features. The information submitted indicated that Volkswagen Audi AG and Bentley infotainment HUs used similar versions of the same Uconnect operating system.According to Harman, vulnerabilities identified by FCA are not present in the HUs supplied to Audi AG and Bentley given the distinct hardware components and software architectures of these varying infotainment systems.HU products supplied to the Volkswagen group contain software features and protocols unique to the supplied infotainment systems and respective vehicle systems.Additionally, Audi AG provided materials explaining why its infotainment technology provided increased safety and security.According to Audi, mobile online services and WiFi connectivity are located on a separate hardware module and vehicle systems are designed utilizing communication domains that are separated by a gateway.ODI reviewed all information submitted by Harman including supporting documentation for the HUs supplied to Audi AG and Bentley.Security architecture implementations in the head units supplied to other manufacturers are distinguishable from the Uconnect Access HUs provided to FCA.Audi AG and Bentley installed infotainment devices with countermeasures including multilayered security implementations and partitioned communication domains to reduce security vulnerability risks and mitigate or prevent cyber-attacks.Additionally, these other vehicles interacted with vehicle networks outside the infotainment system differently.Based on a thorough review of the technical information supplied in the course of this investigation, there does not appear to be a reason to suspect that the infotainment head units Harman supplied to other vehicle manufacturers contain the vulnerabilities identified by FCA.Accordingly, this investigation is closed.
Investigation Documents
For Latest Documents related to this Investigation, visit the NHTSA Website.
Click the (+) Plus Sign
Then click Associated Document(s).
- Advanced VCI Box, Industry-leading J2534 Pass-Thru...
- High-Speed OEM-Level Diagnostics & Programming: Unlock true...
- Coverage for 17 Car Brands & Ultra Reliability: Works...
- User-Friendly RLink Platform & Expert Support: TOPDON’s...
- 6.6 ft USB-C Cable & Portable Storage Case: The RLink J...
Search NHTSA Database for Recalls
Search NHTSA Database for (TSB's) Technical Service Bulletins
Technical Service Bulletins TSB's List
Previous Investigation | Next Investigation |
- CEL Doctor: The ANCEL AD310 is one of the best-selling OBD II scanners on the market and is recommended by Scotty Kilmer, a YouTuber and auto mechanic. It can easily determine the cause of the check engine light coming on. After repairing the vehicle's problems, it can quickly read and clear diagnostic trouble codes of emission system, read live data & hard memory data, view freeze frame, I/M monitor readiness and collect vehicle information.
- Sturdy and Compact: Equipped with a 2.5 foot cable made of very thick, flexible insulation. It is important to have a sturdy scanner as it can easily fall to the ground when working in a car. The AD310 OBD2 scanner is a well-constructed mechanic tool with a sleek design. It weighs 12 ounces and measures 8.9 x 6.9 x 1.4 inches. Thanks to its compact design and light weight, transporting the device is not a problem. The buttons are clearly labelled and the screen is large and displays results clearly.
- Accurate Fast and Easy to Use: The AD310 scanner can help you or your mechanic understand if your car is in good condition, provides exceptionally accurate and fast results, reads and clears engine trouble emission codes in seconds after you fixed the problem. This device will let you know immediately and fix the problem right away without any car knowledge. No need for batteries or a charger, get power directly from the OBDII Data Link Connector in your vehicle.
- OBDII Protocols and Car Compatibility: Many cheap scan tools do not really support all OBD2 protocols. AD310 scanner as it can support all OBDII protocols such as KWP2000, J1850 VPW, ISO9141, J1850 PWM and CAN. This device also has extensive vehicle compatibility with 1996 US-based, 2000 EU-based and Asian cars, light trucks, SUVs, as well as newer OBD2 and CAN vehicles both domestic and foreign. Pls confirm with our customer service whether it is compatible with your vehicle before purchasing.
- Home Necessity and Worthy to Own: This is an excellent code reader to travel or home with as it weighs less and it is compact in design. You can easily slide it in your backpack as you head to the garage, or put it on the dashboard, this will be a great fit for you. The AD310 is not only portable, but also accurate and fast in performance. Moreover, it covers various car brands and is suitable for people who just need a code reader to check their car.
- Multi-Functions - Practical Multi-Functions OBD2 code reader features built-in OBD2 DTC lookup library, which help you to determine the cause of the engine light, read code, erase code, view freeze frame, I/M ready, vehicle information, data flow, real-time curve, get vehicle speed information, calculate load value, engine coolant temperature, get engine speed.
- Wide Capability - Supports 9 protocols compatible with most 1996 US-Based, 2000 EU-Based and Asian cars, and newer OBD II & CAN domestic or import vehicles. Supports 6 languages - English,German, Dutch, Spanish, French, Italian.
- 2.8" LCD Display - Designed with a clear display 2.8" Large LCD screen - white backlight and contrast adjustment. No need any battery or charger, OBD reader gets the power directly from your vehicle through the OBDII Data Link Connector.
- Compact Design - Car diagnostic scanner is equipped with a 2.5 feet long cable and made of a very thick flexible insulator.There are 6 buttons on OBD2 Scanner:scroll up/down,enter/exit and buttons that quick query VIN vehicle number& the DTC fault code.
- ABS / Airbag codes NOT Supported - It is able to read and clear check engine information which is part of OBDII system, but it cannot work with non-OBDII systems, including ABS / Airbag / Oil Service Light, etc.
- 【Your Personal CEL Doctor – Read & Clear Engine Codes】The NT301 OBD2 scanner lets you read diagnostic trouble codes (DTCs), check em-issions readiness, turn off your Check Engine Light (CEL) or MIL, reset monitors, and view live data streams. It retrieves your vehicle's VIN instantly. Like all standard OBD2 scanners, it clears codes only after repairs are completed—if the issue persists, the code will return. Designed for DIYers who want to understand what’s really going on under the hood.
- 【Easy Code Reading – Just Plug & Play】Simply plug into the OBD2 port, turn the ignition to “ON” (engine off), and select the correct menu: Select OBDII-> Wait for seconds-> Select Read codes. For accurate results, ensure your vehicle is compatible and the OBD2 port is free from damage or wiring issues. No batteries needed— powered directly by your car.
- 【Live Data Graphing & Accuracy for Most OBD2 Vehicles】View and log live sensor data in graph form—monitor oxygen sensors, fuel trims, coolant temp, RPM, and more. Spot trends and suspicious values in real time. Compatible with most 1996+ gasoline cars, light trucks, and SUVs sold in the U.S., as well as many 2000+ European and Asian models. Also works on 12V diesel vehicles equipped with OBD2.
- 【S-mog Check Helper – Know Your Readiness Status at a Glance】With dedicated I/M readiness hotkeys and a simple Red-Yellow-Green LED indicator, you’ll instantly know if your vehicle is ready for em-issions testing. Built-in speaker provides audio feedback. No guesswork—just confidence before you head to the test center.
- 【A Must-Have Tool for Every Home Mechanic】Compact, rugged, and ready to use right out of the box. The 2.8” color screen is easy to read, even in daylight. No charging or setup required—just plug into the 16-pin DLC and start diagnosing. Recommended by professional mechanics on YouTube and trusted by DIYers worldwide.
Last update on 2026-03-23 / Affiliate links / Images from Amazon Product Advertising API
This product presentation was made with AAWP plugin.