In ONLYOFFICE DesktopEditors before 9
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges.
Exploitability
AV:L
AC:L
PR:N
UI:N
Scope
S:U
Impact
C:N
I:N
A:H
6.2/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Other
CWE-669