Latest version: 1.8.10 || ZeroTier is now available on MikroTik. Read more.

ZeroTier for Windows Local Privilege Escalation

Summary: ZeroTier versions 1.8.7 and below for Windows set incorrect filesystem permissions on “C:\ProgramData\ZeroTier\One\”. The Users group had write access to the directory ZeroTier reads on startup, allowing privilege escalation via DLL hijacking. MacOS, Linux, and other platforms were not affected. Impact Local privilege escalation to SYSTEM. Mitigation Upgrade Windows systems to version 1.8.8. Acknowledgements […]
Read More

ZeroTier Central now integrates with HashiCorp Terraform

Managing network settings with a webUI can be tedious. Taking full advantage of ZeroTier means enrolling large numbers of devices, segmenting networks, and utilizing the rules engine. At scale, manual management quickly breaks down. Describing ZeroTier networks as code can make life much easier. Code lets you dynamically generate settings, keep things in version control, and […]
Read More

Incident Response to September 20th 2021

UPDATE: Version 1.6.6 is now released and contains an additional mitigation against this issue. We recommend upgrading. Intro On Sep 20th, Pulse Security published an advisory detailing conditions in which they were able to inject packets into a ZeroTier network. Status • Patches were applied to address this vulnerability on June 18, 2021, and September […]
Read More

Working From Home

In response Covid-19, organizations across the globe are encouraging, and often requiring, people to stay at home and work remotely. This often presents technical challenges that can be difficult to overcome, especially for small businesses. Enabling remote working has now become a critical priority for many, many people. We’d like to take this opportunity to […]
Read More