A high-severity flaw in the Android version of the TikTok app — which has been installed more than 1.5 billion times so far via the Google Play Store — could allow threat actors to hijack a user’s account with a single click.
Microsoft discovered the high-severity vulnerability in the handling of one of TikTok for Android’s deeplinks, a particular type of hyperlink in Android that links to a specific component within an app. To exploit it, cybercriminals could craft a malicious link that, if clicked, would allow full account access.
