@JonasSysadmin
Thank you for the quick response! For the MSRC case, I'd recommend reaching out to our Microsoft Security Response Center via their webpage.
When it comes to sensitivity labels, it's recommended to Migrate from AD RMS to Azure Information Protection(AIP). With AIP, you must be the owner of the file to remove protection, or been granted permissions to remove protection (the Rights Management permission of Export or Full Control). For more info. Lastly, with the Unified labeling client, labeling and protection actions aren't supported. However, for an AD RMS deployment, the viewer can open protected documents when you use the Active Directory Rights Management Services Mobile Device Extension.
I hope this helps!
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.