Hello Janus Bariñan,
Given that you discovered that the Domain Users security group was granted Replicate the Directory Changes, Replicate Directory Changes All, and Replicate Directory Changes in Filtered Set permissions, this clearly poses a potential security risk. For non-administrator users and non-essential service accounts, from a security perspective, these permissions should be deleted to reduce the possibility of DCSync attacks.
Best Regards,
Yanhong Liu
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.