CVE-2026-0870
Awaiting Analysis Awaiting Analysis - Queue
Local Privilege Escalation in GIGABYTE MacroHub via Improper Privileges

Publication date: 2026-02-09

Last updated on: 2026-02-09

Assigner: TWCERT/CC

Description
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-09
Last Modified
2026-02-09
Generated
2026-06-16
AI Q&A
2026-02-09
EPSS Evaluated
2026-06-14
NVD
CVE-2026-0870
EUVD
EUVD-2026-6905
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
gigabyte macrohub *
gigabyte macrohub to 2.3.2 (exc)
gigabyte macrohub From 2.3.2 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-0870 is a Local Privilege Escalation vulnerability in the MacroHub application developed by GIGABYTE. The vulnerability occurs because MacroHub improperly launches external applications with incorrect privileges.

This flaw allows an authenticated local attacker to execute arbitrary code with SYSTEM-level privileges, effectively gaining full control over the affected system.

Impact Analysis

This vulnerability can have a significant impact as it allows a local attacker with limited privileges to escalate their rights to SYSTEM level.

  • Execution of arbitrary code with SYSTEM privileges.
  • Potential full control over the affected system.
  • Compromise of confidentiality, integrity, and availability of the system.
Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to update MacroHub to version 2.3.2 or later.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0870. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart