Egyptian security researcher Sayed Abdelhafiz discovered multiple bugs in TikTok Android Application that can be chained to achieve Remote code execution. The expert created a zip file and path traversed the. file to overwrite the libjsc.so file:/data/ data/com.zhiliaoapp.musically/app_lib/df_rn_kit/. The expert then overwrote the native-libraries with a malicious library created to execute his code. TikTok Security team quickly addressed the vulnerabilities.”]
Source: https://securityaffairs.co/wordpress/115714/hacking/rce-tiktok-android-app.html