In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges.Referenceshttps://github.com/ONLYOFFICE/DesktopEditors/blob/master/CHANGELOG.md
