Attackers could have exploited vulnerability to steal TikTok user authentication tokens and wreak havoc.
Microsoft security researchers discovered and analyzed the vulnerability, then disclosed their research to TikTok in February of this year. While TikTok may have questionable
A new report by Microsoft details a vulnerability in the TikTok Android app that threat actors could have exploited to hijack user accounts with a single click. The vulnerability appears in the National Vulnerability Database with the Common Vulnerabilities and Exposures (CVE) identifier CVE-2022-28799 and a high severity rating of 8.8 out of 10. The vulnerability affected both versions of the Android app, one of which is specific to East and Southeast Asia. This potentially puts over 1.5 billion users at risk of account hijacks.Microsoft security researchers discovered and analyzed the vulnerability, then disclosed their research to TikTok in February of this year.
