Description
In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges.
Published: 2026-04-16
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Patch
AI Analysis

Impact

In ONLYOFFICE DesktopEditors versions prior to 9.3.0, the update service can be exploited to execute actions on files with SYSTEM privileges. This flaw is rooted in improper privilege management, allowing attackers who obtain the ability to influence the update process to elevate privileges or run code with elevated rights, undermining confidentiality, integrity, and availability of the system it runs on. The weakness is categorized as CWE-669.

Affected Systems

The affected vendor is Ascensio and the product is ONLYOFFICE DesktopEditors. All builds before 9.3.0 are vulnerable. Users running any earlier version on any supported operating system are at risk.

Risk and Exploitability

The CVSS score of 6.2 indicates medium severity. EPSS data is unavailable, so the current exploitation probability cannot be quantified, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector involves the update service; an attacker would need to supply a malicious update package or compromise the update server. Once triggered, the attacker could take actions with SYSTEM-level privileges, making this a critical escalation vector in environments where the DesktopEditors service runs under privileged accounts.

Generated by OpenCVE AI on April 16, 2026 at 08:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ONLYOFFICE DesktopEditors to version 9.3.0 or later.
  • Disable automatic updates or limit updates to verified sources whenever possible.
  • Monitor systems for anomalous file modifications and enforce least privilege for software that manages updates.


Tracking


Advisories

No advisories yet.

History

Thu, 16 Apr 2026 13:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 16 Apr 2026 09:30:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Ascensio; Ascensio onlyoffice Desktopeditors

Type: Vendors & Products
Values Removed: (none)
Values Added: Ascensio; Ascensio onlyoffice Desktopeditors

Thu, 16 Apr 2026 09:15:00 +0000

Type: Title
Values Removed: (none)
Values Added: Privilege Escalation via Update Service in ONLYOFFICE DesktopEditors

Thu, 16 Apr 2026 06:30:00 +0000

Type: Description
Values Removed: (none)
Values Added: In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges.

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-669

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1
{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Subscriptions

Ascensio Onlyoffice Desktopeditors
MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-16T12:31:19.989Z

Reserved: 2026-04-16T05:51:20.922Z

Link: CVE-2026-41030

Vulnrichment

Updated: 2026-04-16T12:20:11.963Z

NVD

Status: Awaiting Analysis

Published: 2026-04-16T07:16:30.660

Modified: 2026-04-17T15:38:09.243

Link: CVE-2026-41030

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T09:11:41Z

Weaknesses