A ‘high severity’ TikTok vulnerability allowed one-click account hijacking
A vulnerability in the TikTok app for Android could have let attackers take over any account that clicked on a malicious link, potentially affecting hundreds of millions of users of the platform.
Details of the one-click exploit were revealed today in a blog post from researchers on Microsoft’s 365 Defender Research Team. The vulnerability was disclosed to TikTok by Microsoft, and has since been patched.
The bug and its resulting attack, labelled a “high severity vulnerability,” could have been used to hijack the account of any TikTok user on Android without their knowledge, once they clicked on a specially crafted link. After the link was clicked, the attacker would have access to all primary functions of the account, including the...
source https://www.theverge.com/2022/8/31/23329662/tiktok-vulnerability-microsoft-one-click-exploit-high-severity
Comments
Post a Comment