Blog | G5 Cyber Security

Expert found a 1-Click RCE in the TikTok App for Android

Egyptian security researcher Sayed Abdelhafiz discovered multiple bugs in TikTok Android Application that can be chained to achieve Remote code execution. The expert created a zip file and path traversed the. file to overwrite the libjsc.so file:/data/ data/com.zhiliaoapp.musically/app_lib/df_rn_kit/. The expert then overwrote the native-libraries with a malicious library created to execute his code. TikTok Security team quickly addressed the vulnerabilities.”]

Source: https://securityaffairs.co/wordpress/115714/hacking/rce-tiktok-android-app.html

Exit mobile version