Yes, that is the definition consistent with historical use of "RCE": a component is accessible in such a way that it is remotely reachable and you can get full code execution access on the machine via that bug (subject to whatever limits the process has within the OS, such as running as a certain user ID or seccomp or such). This attack is less like an RCE in a networked web server and more like bad file parsing in a PDF reader

Last month it was the term "supply chain attack" that was abused to describe a situation where some vulnerable dependency could be abused in a downstream component. I guess every weakness in the Linux kernel is now a "supply chain attack" because it was in the supply chain and there is an attack, never mind that the term was originally about e.g. the liblzma/xz situation (specific attacks on a supply chain component, with no other purpose than attacking a downstream vendor)

I know I can't stop language change but I am getting a bit tired of how many tech people (who know better) go along with fear term inflation