CVE-2026-0870

HIGH

MacroHub - Privilege Escalation

Title source: llm

Description

MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.

References (3)

[Various Sources] https://www.twcert.org.tw/tw/cp-132-10701-fc9e0-1.html

[Various Sources] https://www.twcert.org.tw/en/cp-139-10702-b40aa-2.html

[Various Sources] https://www.gigabyte.com/Support/Security/2362

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 4.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-250

Status published

Products (1)

GIGABYTE/MacroHub < 2.3.1

Published Feb 09, 2026

Tracked Since Feb 18, 2026