CVE-2026-0870
HIGHSeverity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.
AnalysisAI
GIGABYTE MacroHub improperly executes external applications with elevated privileges, enabling authenticated local users to achieve arbitrary code execution with SYSTEM-level access. This local privilege escalation affects MacroHub users on Windows systems and could allow attackers to fully compromise affected machines. No patch is currently available.
Technical ContextAI
Classified as CWE-250 (Execution with Unnecessary Privileges). MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.
Affected ProductsAI
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-250 – Execution with Unnecessary Privileges
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today