Security researchers at Microsoft found a high-severity vulnerability in TikTok that could have allowed hackers to launch an arbitrary website to steal data from the accounts of users with just a single click.
The technology company notified TikTok regarding the vulnerability in February 2022. Though vulnerability CVE-2022-28799 was fixed, users were asked to update the video hosting application to its latest version to avoid hacking attempts in the future.
Range of exploitation
This vulnerability would also allow cyber attackers to access and modify user information. They could misuse sensitive details including pictures, videos, messages, etc. and sell or publish it online. Moreover, hackers could use the flaw to send messages in the name of the TikTok user and exploit social connections.
Developers take precaution