Microsoft Finds Account Takeover Bug in TikTok
Security researchers have reportedly identified a high severity vulnerability in the popular social media platform TikTok. The flaw affects the Android version of the app, and could allow attackers to remotely hijack user accounts. Microsoft first reported the vulnerability to TikTok in February 2022. After this exchange, TikTok promptly fixed the issue. The app has roughly 1.5 billion downloads on the Google Play Store. Microsoft reported that there is no evidence that the bug has been exploited in the wild yet. The flaw is tracked as CVE-2022-28799.