CVE-2026-0870
7.8 HIGHPublished 2026-02-09 · Modified 2026-02-09 · Awaiting Analysis
Quick Summary
A vulnerability in GIGABYTE's MacroHub software allows a local user to run programs with higher privileges than intended. This means a regular user on the computer could gain full system control.
Who is affected
Users with a local account on systems running the vulnerable GIGABYTE MacroHub software are affected. An attacker could exploit this to install programs, view or change data, and create new accounts with full administrative (SYSTEM) rights.
Recommended fix
Check the GIGABYTE website for an updated version of the MacroHub software and apply the patch immediately. Until patched, uninstalling the software is the primary mitigation.
Technical Description
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.
CVSS Details
Attack Vector
LOCAL
Complexity
LOW
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-250