Multiple TikTok security flaws found & fixed

Multiple TikTok security flaws found & fixed Featured Image
Ivana Vojinovic Image

January 10,2020

DataProt is supported by its audience. When you buy through links on our site, we may earn a commission. This, however, does not influence the evaluations in our reviews. Learn More.

One of the world’s most popular smartphone apps, TikTok, had serious flaws that made users vulnerable to information exposure and partial account takeover. 

Researchers at CheckPoint, a renowned cybersecurity company, identified the multiple vulnerabilities. 

The SMS verification protocol that TikTok used to help users install the app was flawed and open for malicious manipulation. The platform was also vulnerable to Cross-Site Scripting, which enabled attackers to inject malicious scripts to target the users.

A combination of these two vulnerabilities opens the door to otherwise hidden personal information, including names, dates of birth and email addresses. Attackers could also manipulate app accounts and delete or post videos.

CheckPoint could not confirm if the vulnerabilities were actually exploited. However, the company said it collaborated with TikTok to fix the vulnerabilities.

There are no comments yet
Leave your comment

Your email address will not be published.*