Securing Plugin Licenses in FileMaker: Addressing Breaches, Legal Implications, and Evolving Security Practices

Dimitris Kokoutsidis, Sept 8, 2024, CyberFM Many FileMaker developers rely on hardcoded license keys for plugin solutions. I have a few questions regarding this approach: Overview of Plugin License Texts Following the blog post, you’ll find the detailed license texts for major FileMaker plugins. This section serves as a guide to understand how each plugin

FMS, privilege escalation

CVE macOS, Windows, Ubuntu FileMaker Server CVE-2024-23202 Source: https://fm-security.com/posts/priv_esc/ I have identified a privilege escalation vulnerability in FileMaker Server for all platforms (macOS, Windows, Ubuntu) This vulnerability allows an attacker, that has the most limited access to a remote database, hosted on FileMaker Server, to get full access privileges, with access to all data from all tables

FileMaker, dylib hijacking

Understanding the Risks and Mitigations of dylib Hijacking in macOS FileMaker Pro CVE-2023-42920 Source: https://fm-security.com/posts/dylib/ CVE macOS FileMaker Pro CVE-2023-42920 Menu Introduction The dylib hijacking vulnerability for macOS is well known and studied. But from a FileMaker developer’s point of view, I have not seen any analysis of this problem. I will begin a little bit from afar. Embedding into someone else’s

Deciphering the FileMaker Server keystore

Unlocking the Secrets of the FileMaker Server Keystore: A Cryptographic Exploration Source: https://davidhamann.de/2023/05/29/deciphering-the-filemaker-keystore/ Introduction  On This Page While checking out how the FileMaker Pro to Server upload feature worked, I noticed that credentials were encrypted using a RSA public key before being sent to the server. I looked into FileMaker Server’s installation directory and found that

Fix error 853 when encrypting FileMaker databases

Troubleshooting FileMaker Database Encryption Issues Source: https://davidhamann.de/2018/08/19/fix-error-853-when-encrypting-filemaker-databases/ Have you ever gotten the following error after trying to encrypt your FileMaker databases? Error 853 refers to One or more containers failed to transfer in the error code listing and herein usually lies the problem. When you encrypt your database, make sure to place the existing external container data into the