MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.
Weakness
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/104.html
- https://cwe.mitre.org/data/definitions/470.html
- https://cwe.mitre.org/data/definitions/69.html